Forgot to mention that this script only protects against URL-based
attacks. You'll have to do something similar to prevent attacks using
forms. Generally the first line of defense is to use <cfqueryparam> and
the val() function (for numeric input). This script is just extra
insurance.
regards,
larry
On Jul 25, 9:01 am, larryclyons <larrycly...@xxxxxxxxx> wrote:
> Other than using cfqueryparam, this short script may help with this
> sort of injection attack.
>
> hth,
> larry
>
> <cfif cgi.SCRIPT_NAME contains "CHAR(4000)" OR cgi.PATH_INFO contains
> "CHAR(4000)" OR cgi.QUERY_STRING contains "CHAR(4000)">
> <cfabort>
> </cfif>
> <cfif cgi.SCRIPT_NAME contains "EXEC(" OR cgi.PATH_INFO contains
> "EXEC(" OR cgi.QUERY_STRING contains "EXEC(">
> <cfabort>
> </cfif>
> <cfif cgi.SCRIPT_NAME contains "DECLARE" OR cgi.PATH_INFO contains
> "DECLARE" OR cgi.QUERY_STRING contains "DECLARE">
> <cfabort>
> </cfif>
> <cfif cgi.SCRIPT_NAME contains "CREATE TABLE" OR cgi.PATH_INFO
> contains "CREATE TABLE" OR cgi.QUERY_STRING contains "CREATE TABLE">
> <cfabort>
> </cfif>
> <cfif cgi.SCRIPT_NAME contains "UPDATE" OR cgi.PATH_INFO contains
> "UPDATE" OR cgi.QUERY_STRING contains "UPDATE">
> <cfabort>
> </cfif>
> <cfif cgi.SCRIPT_NAME contains "EXECUTE" OR cgi.PATH_INFO contains
> "EXECUTE" OR cgi.QUERY_STRING contains "EXECUTE">
> <cfabort>
> </cfif>
> <cfif cgi.SCRIPT_NAME contains "CAST(" OR cgi.PATH_INFO contains
> "CAST(" OR cgi.QUERY_STRING contains "CAST(">
> <cfabort>
> </cfif>
>
> UniWebDude wrote:
> > I have tried to submit this in a non-forum fashion, but being as this
> > attack is well published on the internet I thought here is fine.
>
> > We are running linux and CF7 into a MSSQL 2000 backend and we have been on
> > the receiving end of several SQL injection attacks. We have taken action to
> > prevent this specific attack but I wondered if there is/will be a patch to
> > remove this vulnerability from CF7 ?
>
> > http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:57065
>
> > Cheers,
> > Matt.
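To make the advice in the reply at the top concrete, here is an added example (editor's illustration, not code from Larry's post or from anyone in the thread): a query built from raw request input next to its <cfqueryparam>/val() form, an allowlist for the one place cfqueryparam cannot help (identifiers such as an ORDER BY column), and the quoted keyword check generalized so it scans FORM values as well as the URL. The datasource name, the products table and its columns, and the url/form field names are assumptions; the blocked-fragment list is taken from the quoted script.

```cfml
<!--- Added example. Assumes application.dsn points at the SQL Server database
      and a table "products" with integer column productID. --->

<!--- VULNERABLE: the raw URL value is spliced into the SQL text, so
      ?productID=1;DECLARE ... runs as a second statement. --->
<cfquery name="getProductBad" datasource="#application.dsn#">
    SELECT productID, productName, price
    FROM   products
    WHERE  productID = #url.productID#
</cfquery>

<!--- FIRST LINE OF DEFENSE: val() coerces the input to a number (anything
      non-numeric becomes 0) and cfqueryparam sends it as a typed bind
      parameter, so the database never parses it as SQL. --->
<cfquery name="getProduct" datasource="#application.dsn#">
    SELECT productID, productName, price
    FROM   products
    WHERE  productID = <cfqueryparam value="#val(url.productID)#"
                                     cfsqltype="cf_sql_integer">
</cfquery>

<!--- String input from a form: still bound, and maxlength caps the payload
      size. Wildcards are added to the value, not to the SQL text. --->
<cfquery name="searchProducts" datasource="#application.dsn#">
    SELECT productID, productName
    FROM   products
    WHERE  productName LIKE <cfqueryparam value="%#form.q#%"
                                          cfsqltype="cf_sql_varchar"
                                          maxlength="100">
</cfquery>

<!--- cfqueryparam cannot bind identifiers, so a sort column coming from the
      request has to be checked against an allowlist before it is used. --->
<cfset allowedSorts = "productName,price">
<cfset sortCol = "productName">
<cfif isDefined("url.sort") AND listFindNoCase(allowedSorts, url.sort)>
    <cfset sortCol = url.sort>
</cfif>
<cfquery name="listProducts" datasource="#application.dsn#">
    SELECT productID, productName, price
    FROM   products
    ORDER BY #sortCol#
</cfquery>

<!--- EXTRA INSURANCE: the quoted CGI-scope check, extended to every URL and
      FORM value so posted forms are covered too. CFML's "contains" is
      case-insensitive, so mixed-case keywords are matched as well.
      Caveat: this is a denylist. It can be evaded (inline comments, alternate
      encodings) and it rejects harmless text such as "please update my
      address", so it must never replace cfqueryparam. --->
<cfset blockedFragments = "CHAR(4000),EXEC(,EXECUTE,DECLARE,CREATE TABLE,CAST(,UPDATE">
<cfset scopes = structNew()>
<cfset scopes.url  = url>
<cfset scopes.form = form>
<cfloop collection="#scopes#" item="scopeName">
    <cfloop collection="#scopes[scopeName]#" item="fieldName">
        <cfset fieldValue = scopes[scopeName][fieldName]>
        <cfloop list="#blockedFragments#" index="fragment">
            <cfif fieldValue contains fragment>
                <cflog file="sqli" type="warning"
                       text="Blocked #scopeName#.#fieldName# from #cgi.REMOTE_ADDR#">
                <cfabort>
            </cfif>
        </cfloop>
    </cfloop>
</cfloop>
```

Put the keyword scan in Application.cfm (or the equivalent request-start hook) so it runs before any page reads the request, and keep the log line: a blocked request is the signal that tells you which page is still concatenating input into SQL.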