Insurance triggers a code injection attack

Ask a Question related to ASP.NET Security, Design and Development.

  1. Sati #1

    Default Insurance triggers a code injection attack

    Hi All,
    Does anyone know how to clean a asp application from a
    virus that converts labels with the word 'Insurance' into
    link button to a web page. It also injects text in the
    textbox when the textbox.text has any reference to
    this 'insurance' word.

    I am using custom controls on custom page. This injection
    seems to be occurring after the pre-render event.


    Thanks in advance.


    Sati Guest
    Reply With Quote Reply With Quote

    2. Similar Questions and Discussions

    1. SQL Injection
      Hi, I have to check all textboxes in my web application for SQL injection. Is there any ready product that detect SQL inhection patterns? A...
    2. What is CF injection?
      Hello people We are doing a security revision of our application, with the help of some consultants. They alerted us to the risc of ColdFusion...
    3. SQL Injection Vulnerabilities
      In the May 29th, 2005 listserv message from cflib.org, they mention this function, sqlSafe(): http://www.cflib.org/udf.cfm?id=1219 The function...
    4. ATTACK TO MY SYSTEM
      Please I have an important attack in my system! I received many mails from many nets! with virus attachment. I don't have virus in my unix...
    5. XP Attack
      You can always file a complaint with the ISP of the person whose machine the attack originated from. Be sure to send specifics of the attack as you...
  2. Steve #2

    Default RE: Insurance triggers a code injection attack

    Before you resort to drastic action consider whether the 'virus' is infact a 'Browser Helper Object' (BHO) distributed with free/shareware software. These are frequently installed on the back of systems like Kazaa with little explanation of what they actually do.

    One example is Adware, this loads a BHO into Internet Explorer. The BHO reads any HTML text looking for common keywords, then replaces it with an Ad-link. Similar to the symptoms you describe

    There are many removal tools on the market, one that I've used before is Ad-aware by Lavasoft ([url]www.lavasoftusa.com[/url]). Removing spyware may stop some free/shareware programs from running. Remember nothing is truely free right?
    Steve Guest
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139