2

I don't know if this is bad code on our part, or a bot/spider doing something for tracking purposes. What I'm seeing is our URLs are getting modified, and it's generating site errors and error emails that I'm set up to get when it seems like my site is being hacked.

For example, a URL that should read/load like this

http://site.com/page.asp?pid=915411&order=Date

gets loaded like this

http://site.com/page.asp?pid=-1'&order=Date

the email I get shows 

query string = pid=-1%27&order=Date

The IP address that comes up in the error emails always change, but many point to Kiev or Minsk, but are so varied I don't see how I can stop this from happening easily. My site is on an IIS 7.5 server, win2008.

4

2 回答 2

3

有人试图破解您的应用程序。他们正在测试您的应用程序是否将表单或 URL 中的值直接用于 SQL 语句。

这种黑客攻击很容易,被称为“SQL 注入”。检查您的应用程序是否易受攻击,如果需要立即修复它。

此外,尝试跟踪攻击者,如果您发现他们来自一组 IP 地址,请阻止他们。

于 2013-11-08T22:22:16.683 回答
0

使用 HTTP_REEFER 我们可以直接控制 URL 修改。试试下面的代码

if Request.ServerVariables("HTTP_REFERER") = "" Then  
    RESPONSE.WRITE  " <b><h1><font color=blue></font><font color=red>UNSECURED MENU ACCESS</font><font color=blue></font><h1></b> "
response.end
End if
于 2014-03-18T10:42:17.030 回答