1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HTML/Infected.WebPage.Gen on their web site?

Discussion in 'The Lounge - Off Topic' started by piccadilly, Jan 28, 2009.

  1. piccadilly

    piccadilly Byte Poster

    Hi all,

    As anyone here had a HTML/Infected.WebPage.Gen on their web site?

    My ISP says it was an SQL injection attack, but from reading the description below, it looks like a server attack?

    The ISP now want me to pay £400 to get the data restored.

    My word against theirs and they have the data.



    A common attack against the web infrastructure can be the infection of harmless web pages. Some malware changes every HTML file stored on the disc and adds a link (very often an IFrame) to a site hosting malicious code. Other attacks can aim for the web servers and try to insert forwarding to the pages hosted there. The owner of these pages is advised to take them offline. Fix the hole (either on his own PC or on the server), check the pages for infections, clean them and go online again. Infected Web Pages often contain additional Iframe, Object or Script Tags. The Script Tags often contain encrypted Code.
  2. zebulebu

    zebulebu Terabyte Poster

    Um... A SQL Injection is a server attack. SQL Injection attacks arise from improperly validated user input. This usually takes the form of attempting to 'inject' (hence the name) data that contains backe-end commands into an input form. For instance, a password reset form on a website might execute a command on the back-end DB that says 'retrieve password for user x and email them'. If the front-end app is not coded to scrape user inputted data correctly a malicious user may be able to 'escape' out of the form by putting, for instance, a single quote (') in the form and then adding their own malicious code afterward.

    The code on your site obviously isn't sanitised against malicious input - in which case the ISP isn't responsible - you, as the webmaster, are. You need to make sure you validate all user input thoroughly to mitigate against this risk.
    Certifications: A few
    WIP: None - f*** 'em
  3. Fergal1982

    Fergal1982 Petabyte Poster

    ultimately, even if it was a server attack, the likelyhood is that the T's&C's you signed with the host declare that they are not liable for the loss of any data you place on their site. In this case, it makes not a jot who/what is at fault, you should (in their expectation), have backed up the data on the site.
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  4. piccadilly

    piccadilly Byte Poster

    I was hoping our off-site Web team would have done that. Nope.

    Guess who gets the grief!

Share This Page