Errors this morning

Nitro Owners Forum

Help Support Nitro Owners Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.

Rich Stern

Well-Known Member
Joined
Feb 26, 2000
Messages
2,618
Reaction score
1
Hi all. We had a SQL injection attack sometime this morning. It's a sophisticated hacking attack that injects javascript code into the web site database, trying to redirect the site's visitors to some lame site.



We suffered a rash of these several months ago, and I wrote a comprehensive filter to stop these attacks. The filter has since prevented thounands of such hacking attempts, but whoever did this one found a hole and managed to get through. I'll have to investigate why and fix it.



In removing the malicious code from the database, I accidently wiped out the member profile "About Me" field. When I finish cleaning up from the attack, I will attempt to restore those.



Sorry for the inconvenience.



Rich
 
I hope that it didn't try to hack into my computer, as our system uses return ISPs as targeting information to a return cruise missile.
 
No problem. I did get hit with an alert from my local (on my laptop) virus software this morning, after I attempted to get to Nitro. However, it got sent to the quarantee area - and no further problems. Don't know if it was related or not, but thought I'd let you know.



Tex
 
You know I didn't think about it until just now but I had a shutdown and I had to hard boot to get back up.:unsure:
 
to quote a line from the movie "Johnny Dangerously": fargin' ice holes
 
Heck, when I looked at the "about me" part in my member profile I just thought you'd already brought mine up to date on your own?:lol:



Uncle Billy
 
Yep this was identified as a trojan. My McAfee AV software did catch this and removed it. I have been away for a few days to let this get cleaned up. Bass turds like that out to be locked up.
 

Latest posts

Back
Top