My Entertainment for the Day
If you have WhosOnCFC up and running and a good sense of humor, I threw this little script together real fast so I could see how many SQL injection attacks I have received.
<cfset myQuery=application.whoson.WhosOnline(true,true)>
<cfset attacks=0>
<cfloop query="myquery">
<cfif findNoCase("cast(",myQuery.CurrentPage)>
<cfset attacks=attacks+1>
</cfif>
</cfloop>
<br>
<br>
<cfoutput>SQL Injection attacks in the last #application.whoson.getCurrentControlSet().trackTime# hours: #attacks#</cfoutput>
<cfset attacks=0>
<cfloop query="myquery">
<cfif findNoCase("cast(",myQuery.CurrentPage)>
<cfset attacks=attacks+1>
</cfif>
</cfloop>
<br>
<br>
<cfoutput>SQL Injection attacks in the last #application.whoson.getCurrentControlSet().trackTime# hours: #attacks#</cfoutput>
I had really slowed down there for a little while, alas, it looks like business is picking up. 28 attacks and growing so far today.
Too bad the page everyone is attacking is fed through RSS.... ;)
Comments
[Add Comment]
The SQL Injection Attack Wall of Shame... http://www.kisdigital.com/pages/attacks.cfm
# Posted By Shane Zehnder
| 8/6/08 4:10 PM
[Add Comment]