Got a call today off our previous article in this series from Branden of Hot Media Group, Inc., aChicago-based web application development, networking, and graphic design firm who found himself with a database full of malware infections, but the characteristics of his attack didn't match what we had written about, so he called us up.
NEW AND IMPROVED UPDATE: Cleaning Up After a SQL Injection Attack, Part 2
[UPDATE: Added code to deal with replacing text in the ntext fields of SQL Server 2000.]
One of our clients got hit with a web attack a week or so ago. We're still not quite sure how this particular attack was carried out -- we're thinking an unpatched web server at the hosting facility -- but it did cause me to look at the log file of the web site to see who might have been able to overwrite index.