[nycphp-talk] Injection Attack, any ideas?

mikesz at qualityadvantages.com
Sat Nov 17 01:08:11 EST 2007


Hello Daniel,

> A delayed FYI:

> The term "injection attack" generally means "SQL injection attack", hence
> so many people here talking about properly escaping data heading to your
> database.  Sometimes it means "HTML injection attack", leading to others
> talking about how to escape HTML when generating pages.

> Sounds like your issue turned out to be a plain old bug / programming 
> logic flaw.

> --Dan

Thanks for the reply. You are correct. The real problem is just a form
spammer. I thought it was an injection because I was seeing a MySQL
error message and assumed that they are actually getting to the
database. The client told me that "mysterious" profiles were showing
up in the application. The mystery was his, they were spammers who
were generating the profiles manually. I have been trapping the
traffic to that form and he's getting about 10 spammers bad guys a day
who generate about a hundred bogus forms that die because they can
never be submitted for lack of required data.

The ones that succeed are being generated by hand, at least that is
what it looks like and those are the "mysterious" profiles.

Thanks again for the update.
-- 
Best regards,
 mikesz                            mailto:mikesz at qualityadvantages.com



