daninjapan Posted October 1, 2008

Has anyone noticed the declare hack in the 'who's online' feature recently? It seems I'm being hit with it every day. The URL looks something like this:

/?;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204

I've been reading about it, and it seems it is a hack that is trying to get into your SQL database to plant things in there. Is the osCommerce script protected against this hack, or are there any updates available for this?
spooks Posted October 1, 2008

http://www.oscommerce.com/forums/index.php?showtopic=313323

Sam

Remember, what you think I meant may not be what I thought I meant when I said it.

Contributions:
Auto Backup your Database, Easy way
Multi Images with Fancy Pop-ups, Easy way
Products in columns with multi buy etc etc
Disable any Category or Product, Easy way
Secure & Improve your account pages et al.
daninjapan (Author) Posted October 2, 2008

I have put the following in my htaccess file:

# mod_rewrite must be switched on before any RewriteCond/RewriteRule takes effect
RewriteEngine On
# Match a query string containing a delimiter or quote character followed by a SQL keyword
RewriteCond %{QUERY_STRING} ^.*(;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC]
# Answer matching requests with 403 Forbidden
RewriteRule .* - [F]

Can anyone see any problems with this rewrite?
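A rule like this can be checked offline before trusting it in production. The script below is an added example, not code from the thread or from osCommerce: it copies the RewriteCond pattern into Python's re module (whose dialect accepts it unchanged, with [NC] mapped to re.IGNORECASE) and runs it over a few constructed request URLs: the DECLARE probe quoted in the opening post, an ordinary product page, a query string with a delimiter but no keyword, and a harmless search term that the rule blocks anyway. The sample URLs and the products_id/osCsid values are constructed for illustration; mod_rewrite tests the raw, still URL-encoded query string, so the script does the same.

```python
import re
from urllib.parse import urlsplit

# Regex copied verbatim from the RewriteCond above. Python's re dialect
# accepts it unchanged; Apache's [NC] flag corresponds to re.IGNORECASE.
INJECTION_RULE = re.compile(
    r"^.*(;|<|>|'|\"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*"
    r"(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).*",
    re.IGNORECASE,
)


def would_block(url: str) -> bool:
    """Return True if the rule would answer this request with 403 Forbidden.

    mod_rewrite evaluates %{QUERY_STRING} in its raw, still URL-encoded form,
    so the query is taken from the URL as-is and deliberately not decoded.
    """
    query = urlsplit(url).query
    return INJECTION_RULE.match(query) is not None


# Constructed sample requests (hypothetical, not captured from a real server).
SAMPLES = [
    # The DECLARE/CAST probe quoted in the opening post: ';' then 'DECLARE'.
    "/?;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204",
    # Ordinary osCommerce product page with a session id: no delimiter, passes.
    "/product_info.php?products_id=28&osCsid=abc123",
    # A delimiter alone is not enough; the rule also needs a keyword after it.
    "/?a=1;b=2",
    # False positive: an innocent search term with an apostrophe followed by
    # the word 'set' satisfies both halves of the pattern and is blocked.
    "/advanced_search_result.php?keywords=men's+tea+set",
]


def check_samples():
    """Evaluate every sample and return a list of (url, blocked) pairs."""
    return [(url, would_block(url)) for url in SAMPLES]


if __name__ == "__main__":
    for url, blocked in check_samples():
        print(f"{'BLOCK' if blocked else 'allow':5}  {url}")
```

The last sample is the practical caveat for a shop: ordinary keywords such as set, cast, update or drop combined with an apostrophe in a customer's search will be refused with a 403, so the search log should be watched for legitimate visitors hitting the rule after it goes live.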