<%
' ----------------------------------------------------------------------------
' Form "virus" (SQL injection) screen.  Every posted field is scanned by
' check() below for the substrings in BlackList; if any field hits, the
' request is reported by e-mail and the user is sent to ../error.asp.
'
' NOTE(review): this rendering of the file is garbled - the Array(...) below is
' never closed, the For Each that the Next terminates is missing, and only one
' of the two closing "end if"s has a visible "if".  Several string literals
' also contain raw line breaks, which VBScript does not allow; they were
' presumably markup lost on extraction - confirm against the real source
' before relying on any of this.
'
' SECURITY: substring blacklisting is not an injection defence.  The InStr
' compare in check() is binary (case-sensitive), so lower-case "select" or
' "drop", UNION (not listed at all) or a bare apostrophe (also not listed) go
' straight through, while innocent data - any e-mail address ("@"), "FRIEND"
' (END), "SKILL" (KILL), a double dash - is rejected.  The database layer must
' use parameterised queries; treat this screen as an alerting heuristic only.
' ----------------------------------------------------------------------------
virus_present = false

' Substrings that mark a value as hostile (case-sensitive, see above).
' NOTE(review): if the trailing "" is real and not an extraction artefact it
' makes check() flag every non-empty field, because InStr(x, "") returns 1.
BlackList = Array("--", ";", "/*", "*/", "@@", "@",_
    "CHAR(","NCHAR","VARCHAR","NVARCHAR",_
    "char(","nchar","varchar","nvarchar",_
    "ALTER","BEGIN","CAST","CREATE","CURSOR",_
    "DECLARE","DELETE","DROP","END","EXEC",_
    "EXECUTE","FETCH","INSERT","KILL","OPEN",_
    "SELECT","SYS","SYSOBJECTS","SYSCOLUMNS",_
    "Cast","sys","sysobjects","syscolumns",_
    "TABLE","UPDATE",""
' Scan each posted field; ss is the field name.  d is never read (check()
' returns True whenever the scan completes).
' NOTE(review): check() appends its hits to the script-level variable post,
' which the mail below reads as Post; post must be initialised at script level
' (e.g. post = "") before this loop - not visible in this fragment - or the
' "Triggered Post Data" line will be empty.
d = Check(Request.Form(ss),ss)
Next

if virus_present then
    ' Alert the administrators.  From: is a fictitious address and the
    ' recipients are hard-coded.
    Set MyInjectionMail = CreateObject("CDONTS.NewMail")
    MyInjectionMail.From= "SQLInjection@nashua.edu"
    MyInjectionMail.To= "mooreti@nashua.edu; yancop@nashua.edu;"
    MyInjectionMail.Subject= "SQL Injection attempt caught for " & Request.ServerVariables("SCRIPT_NAME") & " on " & FormatDateTime(now(),vbLongDate)
    'set to html type email - this defaults to 1=plaintext so we must set it to 0=html
    MyInjectionMail.mailformat = 0
    MyInjectionMail.bodyformat = 0
    ' MyInjectionMail.CC = "Farrenkopf@nashua.edu; "
    MyInjectionMail.BCC = ""
    ' MyInjectionMail.Body=display(1)
    ' SECURITY: the body is sent as HTML (bodyformat = 0) yet splices in
    ' request-controlled text - HTTP_USER_AGENT and QUERY_STRING - without
    ' Server.HTMLEncode, so whoever triggered the alert can put arbitrary
    ' markup/script into the administrators' mail clients.  (Post holds only
    ' the matched BlackList entries, not raw user data.)  REMOTE_ADDR may be a
    ' proxy, and LOGON_USER is empty unless the page is behind Windows
    ' authentication.
    MyInjectionMail.Body = "Someone may be trying to hack our database. It was caught and blocked.
" &_ "
Hacker's Details:

IP Address:
"&_ Request.ServerVariables("REMOTE_ADDR")&"
Target Page: http://" & Request.ServerVariables("SERVER_NAME") & Request.ServerVariables("SCRIPT_NAME") &_ "
Browser/OS Info: "& Request.ServerVariables("HTTP_USER_AGENT") &"
Logon User: "&_ request.ServerVariables("LOGON_USER") &"
Request Method: "& request.ServerVariables("REQUEST_METHOD") &_ "
Triggered Post Data: "& Post &"
Querystring: "&request.ServerVariables("QUERY_STRING") &_ "
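Server Date/Time: " & now()
    MyInjectionMail.Send
    set MyInjectionMail=nothing
    ' Generic error page; the detail is in session("txtError"), set by check().
    Response.redirect("../error.asp")
end if
end if

' check: scan one form value against the script-level BlackList.
'
' Parameters
'   lstr - the submitted value (the caller passes Request.Form(ss)).  ByVal:
'          the original mutated this ByRef parameter and restored it before
'          returning, so no caller ever saw a change; ByVal just makes that
'          explicit.
'   r    - the form field name; if it contains any ignoreChecks entry (a
'          script-level array, not defined in this fragment) the field is
'          skipped.
'
' Script-level variables written (deliberately NOT Dim'd here, so the caller's
' copies are the ones updated):
'   virus_present       - set True on the first hit; the caller uses it to
'                         decide whether to send the alert mail and redirect.
'   post                - every matching entry is appended as "[entry] " and
'                         ends up in the alert mail's "Triggered Post Data"
'                         line.  NOTE(review): post must already exist at
'                         script level (e.g. post = "" before the form loop),
'                         otherwise this assignment creates a procedure-local
'                         and the mail sees nothing.
'   session("txtError") - set once, on the first hit, to a user-facing message
'                         naming the offending entry.
'
' Returns True when the full scan ran; Empty on the early exits (empty value or
' ignored field) - exactly as before, and the caller ignores it anyway.
'
' Changes from the original:
'   * the user message referenced an undeclared variable `s`, so it always
'     printed an empty word; it now names the matched entry.
'   * loop variables are local (Dim); the original used the caller's
'     script-level `ss` loop variable as its own loop index.
'   * zero-length entries in BlackList / ignoreChecks are skipped:
'     InStr(x, "") returns 1 for any non-empty x, so the trailing "" in the
'     visible BlackList would flag every non-empty field (and a "" in
'     ignoreChecks would exempt every field).
'   * the space -> "&vbsp" -> space round-trip around the scan is gone; no
'     entry in the visible BlackList contains a space or is a substring of
'     "&vbsp", so it could not change any InStr result.
'   * the message literals contained raw line breaks (invalid VBScript, most
'     likely markup lost when this file was extracted); the breaks are kept as
'     vbCrLf - TODO confirm against the real source.
'
' SECURITY (unchanged, but worth knowing): substring blacklisting is not a
' defence against SQL injection and cannot be made one.  InStr is a binary
' (case-sensitive) compare, so "select" or "drop" in lower case pass, while
' innocent words such as "FRIEND" (END), "SKILL" (KILL) or any e-mail address
' ("@") are rejected.  The real fix is to stop building SQL from form values
' and use parameterised ADODB.Command queries; keep this scan, if at all, as
' an alerting heuristic only.
function check(ByVal lstr, ByVal r)
    Dim pattern, ignoredField

    ' Nothing to scan.
    If IsEmpty(lstr) Then Exit Function
    If StrComp(lstr, "") = 0 Then Exit Function

    ' Fields whose name contains an ignoreChecks entry are exempt.
    If IsArray(ignoreChecks) Then
        For Each ignoredField In ignoreChecks
            ' Len guard: InStr(r, "") is never 0 for a non-empty field name.
            If Len(ignoredField) > 0 Then
                If InStr(r, ignoredField) <> 0 Then Exit Function
            End If
        Next
    End If

    For Each pattern In BlackList
        ' Len guard: InStr(lstr, "") is never 0 for a non-empty value.
        If Len(pattern) > 0 Then
            If InStr(lstr, pattern) <> 0 Then
                If Not virus_present Then
                    ' First hit anywhere in the form: record the user message once.
                    session("txtError") = "A virus has potentially been located in form. The word/character: " & pattern & " was located and can be part of a virus attack on the SQL database." & vbCrLf &_
                        " Please change this word to another with the same meaning. If this word does not appear on the form, log out of the" & vbCrLf &_
                        "system and re-enter the data into the application because the virus attack was stopped. While this is an inconvenience," & vbCrLf &_
                        "we are trying to insure the integrity of the data." &_
                        " Database entry Insert, delete or update failed." & vbCrLf
                    virus_present = True
                End If
                ' Collect every hit for the alert mail.
                post = post & "[" & pattern & "] "
            End If
        End If
    Next

    check = True
end function
%>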