Website got hacked

Shortly, after publishing of the website which i was working on few days back, yesterday i noticed some unexpected number of records is being inserted into one of the Share Point List we do have in our system. The purpose of the said list was to get the user comments from the website visitors for the News, Articles, etc via a User Input Form. The said form was fully secured with the client side scripts for malicious data inputs. At first i panicked, because i was worried about the rest of the user input forms also been compromised. But, thankfully its not and the intrusion was limited only to the said form above. 🙂

When investigated the data that hacker tried to inject into the system seems an automated script which is being used for SQL Injection and as well as a sort of a DOS (Denial of Service) attack. As an urgent fix for this had to implement the Captcha (Completely Automated Public Turing test to tell Computers and Humans Apart) feature to make sure the data is being inputted by a human and not from an automated robotic program.

the scripts which was embedded..

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: