Someone is trying to inject code into the search box. Help!


  • Someone is trying to inject code into the search box. Help!

    I have noticed in the searchwords.log the following
    tzaddikim;DECLARE @S VARCHAR 4000 ;SET @S=CAST 0x4445......
    and then at the end EXEC @S ;-
    Can that be an issue? Can this code actually be executed on our server?
    Thanks
    Myalo

  • #2
    This looks like SQL code. Zoom doesn't even use SQL. So there is zero chance this code will be executed by Zoom.

    It is probably an automated script doing this. I would hope a real hacker would be smarter and come up with something that had half a chance of working.


    • #3
      Thanks.
      Can you see a scenario where someone can inject code into the search box? Does the search code account for such a situation?
      Myalo


      • #4
        Cross-site scripting (XSS) issues are the higher risk area and some old versions of the code had some theoretical holes. But even a successful XSS exploit with Zoom wouldn't usually compromise your site in any case; they are, for most sites, just an inconvenience.

        We have closed off all avenues of attack that we are aware of. And we aren't aware of any successful attacks amongst our users. If you are using V4 and are concerned about XSS, you should upgrade to V5 however.

        Don't be too alarmed however. Pretty much every HTML form on the web is being subjected to these automatic attacks. You only notice it with Zoom because you check the logs.

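Added example (not part of the thread and not PassMark code): a small Python triage script that flags logged search terms with the DECLARE / CAST 0x... / EXEC shape quoted in the first post, and decodes the hex for display only. The one-query-per-line log layout, the names `PROBE`, `decode_preview` and `scan`, and the sample lines are assumptions constructed for illustration.

```python
import re

# Matches the automated T-SQL probe shape: DECLARE @v VARCHAR ... CAST 0x<hex> ... EXEC @v.
# Parentheses are optional because the logged query on this page appears with
# punctuation stripped ("VARCHAR 4000", "CAST 0x4445......").
PROBE = re.compile(
    r"DECLARE\s+@(\w+)\s+N?(?:VAR)?CHAR\b.*?"
    r"CAST\s*\(?\s*0x([0-9A-Fa-f]*)"
    r".*?EXEC(?:UTE)?\s*\(?\s*@\1",
    re.IGNORECASE | re.DOTALL,
)


def decode_preview(hex_digits, limit=60):
    """Render the hex payload as text for an analyst. It is never executed."""
    hex_digits = hex_digits[: len(hex_digits) // 2 * 2]  # drop a dangling nibble
    raw = bytes.fromhex(hex_digits).replace(b"\x00", b"")  # crude fold of UTF-16LE
    text = raw.decode("latin-1")
    return "".join(c if c.isprintable() else "." for c in text)[:limit]


def scan(lines):
    """Return (line number, variable name, decoded preview) for each probe line."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        match = PROBE.search(line)
        if match:
            findings.append((lineno, match.group(1), decode_preview(match.group(2))))
    return findings


# Constructed sample log lines (assumed layout: one search query per line).
# The hex is a harmless constructed value that decodes to "SELECT 1".
SAMPLE_LOG = [
    "online backup software",
    "widgets;DECLARE @S VARCHAR 4000 ;SET @S=CAST 0x53454C4543542031 AS VARCHAR 4000 ;EXEC @S ;--",
    "declare independence 1776",
    "x';DECLARE @T NVARCHAR(4000);SET @T=CAST(0x53454C454354203 AS NVARCHAR(4000));EXEC(@T);--",
]

if __name__ == "__main__":
    for lineno, var, preview in scan(SAMPLE_LOG):
        print(f"line {lineno}: SQL probe via @{var}, payload starts: {preview!r}")
```

A hit here records that a bot submitted the probe to the search form; whether it could run depends on whether anything behind the form passes input to a SQL server.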