Closed

Fix SQL Injection Problem on ECard Page on IIS MS SQL

This project received 14 bids from talented freelancers with an average bid price of $ USD.

Get free quotes for a project like this
Employer working
Skills Required
Project Budget
$250 - $750 USD
Total Bids
14
Project Description

A friend's website was recently hacked with a SQL Injection, similar to what is outlined here: [url removed, login to view] Job description: My friend's website was recently hacked using SQL Injection on IIS/MS SQL/.net. The code appears to be simple enough, but unfortunately I don't have the time or tools to recompile the dlls. The hack itself appended some links to the end of every field in the DB. Whenever I have cleaned up the DB, the hack was executed again a day or so later. I was able to find the way that they hacked through the logs. I can provide you with the code, the specific hack that was used to update the DB and the most likely spot in the code that needs to be changed. I believe this should be a fairly straight-forward fix, so I'm looking for pricing to tell my friend. After that, we'll chose the individual to perform the work and move forward on getting a permanent resolution in place. Web development project type: Modification to an existing project Client side or server side development: Server Side Development Specific programming languages desired: aspx, MS SQL, .net Desired website or component functionality: This is the ecard portion of the website, which is located here [url removed, login to view] The hack is detailed here: [url removed, login to view]

Looking to make some money?

  • Set your budget and the timeframe
  • Outline your proposal
  • Get paid for your work

Hire Freelancers who also bid on this project

    • Forbes
    • The New York Times
    • Time
    • Wall Street Journal
    • Times Online