» Apr 26th, 2008 4:55 pm

0x000000 # The Hacker Webzine : Massive SQL Injection Attack on MS SQL Server

From what I’ve read:

1) The injection is hex encoded so sanitising the input won’t work to prevent it as it normally would.

2) MS SQL “allows query stacking by separating the queries” which confirms the exploit. What? Is this like allowing multiple queries with a semicolon? But MySql and Postgresql do that as well, unless you use a “prepare” statement. But then he says that Mysql and Postgresql aren’t exposed to this exploit :confused:

3) The exploit adds some javascript (hidden in an iframe) to a webpage which installs a trojan on your computer. Firefox with NoScript would therefore not be affected. Woo.

+day macha+
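A defender-side log check for the two traits the post describes, a second statement stacked after a `;` and a `0x` hex literal hiding the real SQL, written as an added example that is not part of the original post or the webzine article; the log lines, the `/catalog.asp` path and the `example.invalid` payload are constructed.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# A ';' followed by another T-SQL statement is the "query stacking" the post asks about.
STACKED = re.compile(r";\s*(declare|set|exec|update|insert|delete|drop|select)\b", re.I)
# T-SQL hex literal (0x plus at least 8 hex digits) used to hide the real statement.
HEXLIT = re.compile(r"0x([0-9a-f]{8,})", re.I)
# Markup that has no business inside a decoded SQL parameter.
HTML_IN_SQL = re.compile(r"<\s*(script|iframe)\b", re.I)
# Decoded payload that itself starts with a statement is SQL, not data.
STARTS_WITH_SQL = re.compile(r"\s*(declare|update|exec|select|insert)\b", re.I)

def decode_hex_literal(hexdigits):
    """Decode a 0x... literal as UTF-16LE when every odd byte is NUL, else as Latin-1."""
    raw = bytes.fromhex(hexdigits)
    if raw and len(raw) % 2 == 0 and all(b == 0 for b in raw[1::2]):
        return raw.decode("utf-16-le")
    return raw.decode("latin-1")

def analyze_param(value):
    """Return the set of findings for one URL-decoded query-string value."""
    findings = set()
    if STACKED.search(value):
        findings.add("stacked-statement")
    for m in HEXLIT.finditer(value):
        decoded = decode_hex_literal(m.group(1))
        if STACKED.search(decoded) or STARTS_WITH_SQL.match(decoded):
            findings.add("hex-encoded-sql")
        if HTML_IN_SQL.search(decoded):
            findings.add("hex-encoded-html")
    return findings

def scan_log(lines):
    """Return [(request_path, sorted findings)] for request lines that look injected."""
    hits = []
    for line in lines:
        parts = line.split()          # constructed format: METHOD URL VERSION
        if len(parts) < 2:
            continue
        url = urlsplit(parts[1])
        for pair in url.query.split("&"):   # split by hand: ';' is part of the payload
            _name, _sep, raw = pair.partition("=")
            findings = analyze_param(unquote_plus(raw))
            if findings:
                hits.append((url.path, sorted(findings)))
    return hits

# Constructed sample: the hidden statement only selects a string, it changes nothing.
_PAYLOAD = "SELECT '<iframe src=\"http://example.invalid/\"></iframe>'".encode("utf-16-le").hex()
SAMPLE_LOG = [
    "GET /catalog.asp?id=42 HTTP/1.1",
    "GET /catalog.asp?id=42;DECLARE%20@s%20VARCHAR(4000);SET%20@s=CAST(0x" + _PAYLOAD
    + "%20AS%20VARCHAR(4000));EXEC(@s) HTTP/1.1",
]
```

Run `scan_log(SAMPLE_LOG)` to see the second line flagged on all three counts while the plain `id=42` request passes.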