{"id":52,"date":"2008-09-12T02:27:26","date_gmt":"2008-09-12T05:27:26","guid":{"rendered":"http:\/\/www.tech-nico.com\/blog\/?p=52"},"modified":"2013-06-28T12:36:16","modified_gmt":"2013-06-28T15:36:16","slug":"ataque-a-paginas-asp-y-sql-server-con-trojan-asprox","status":"publish","type":"post","link":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/","title":{"rendered":"Ataque a paginas ASP y SQL SERVER con Trojan AspRox"},"content":{"rendered":"<div id=\"advads-828307055\" class=\"advads-antes-de-contenido advads-entity-placement\" style=\"float: left;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-0513087877342686\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block; text-align:center;\" data-ad-client=\"ca-pub-0513087877342686\" \ndata-ad-slot=\"6331524197\" \ndata-ad-layout=\"in-article\"\ndata-ad-format=\"fluid\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><br style=\"clear: both; display: block; float: none;\"\/><p><strong>Ataque de Cadena ASCII (Encoded\/Binary) Automatica de SQL Injection <\/strong>o en ingles <strong>ASCII Encoded\/Binary String Automated SQL Injection Attack<\/strong>.<\/p><div id=\"advads-719766595\" class=\"advads-contenido-de-la-entrada advads-entity-placement\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-0513087877342686\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block; text-align:center;\" data-ad-client=\"ca-pub-0513087877342686\" \ndata-ad-slot=\"6331524197\" \ndata-ad-layout=\"in-article\"\ndata-ad-format=\"fluid\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<p><strong>Descripcion del Ataque:<\/strong><br \/>\nRecientemente, nos venimos cruzando con un tipo de SQL Injection muy particular e interesante, que, hasta ahora puede ser muy dificil de limpiar, incluso hasta con el mas robusto backup de base de datos o esquema de recuperacion. Este ataque masivo es conducido con la ayuda de un robot de internet &#8211;tambien conocido como \u00abmalbot\u00bb y \u00abbotnet\u00bb que tienen perspectivas de atacar diariamente. Esto es como si cada uno de estos \u00abRobots\u00bb disparan una serie de injecciones SQL de forma continua y cotidiana hasta que los resultados del malefico script son sensados en las paginas webs atacadas como posibles indicadores de vulnerabilidad.<br \/>\n(De hecho,\u00a0cuando google escanea nuestro sitio para indexar contenidos,\u00a0detecta que la web esta infectada, o interpreta que esta distribuyendo software malintencionado). Firefox esta usando dicho cache de paginas malintencionadas de google, y muestra la siguiente pantalla:<\/p>\n<div id=\"attachment_56\" style=\"width: 310px\" class=\"wp-caption alignleft\"><a href=\"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2008\/09\/este_sitio_es_una_web_ataca.jpg\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-56\" class=\"size-medium wp-image-56 \" title=\"este_sitio_es_una_web_ataca\" src=\"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2008\/09\/este_sitio_es_una_web_ataca.jpg?resize=300%2C175\" alt=\"\" width=\"300\" height=\"175\" srcset=\"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2008\/09\/este_sitio_es_una_web_ataca.jpg?resize=300%2C175 300w, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2008\/09\/este_sitio_es_una_web_ataca.jpg?w=645 645w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><p id=\"caption-attachment-56\" class=\"wp-caption-text\">Firefox ante una pagina Infectada con ASProx<\/p><\/div>\n<p>Detras del botnet, este ataque, llamado <a href=\"http:\/\/www.cio.com.au\/index.php\/id;552560972\">ASProx<\/a>, fue previamente asociado con ataques Pishing, y <strong>ahora esta indirectamente distribuyendo <a href=\"http:\/\/www.stopbadware.org\/home\/security\">Malware<\/a> a traves de estos sitios webs que son vulnerables al SQL injection<\/strong>. Los atacantes tienen dise\u00f1ado el Asprox para reproducirse con la ayuda del Buscador Google, una busqueda inicial de paginas webs que utilizan tecnologias ASP (.asp), ASP.net (.aspx), y PHP (.php).<\/p>\n<p>El ASProx botnet tambien utiliza un <a href=\"http:\/\/xssworm.blogvis.com\/23\/xssworm\/dns-fast-fluxing-are-you-protected-ca-experts-issue-warning-of-new-hacker-attack\/\">DNS Fast Fluxing<\/a> como tecnica para ocultar la entrega real del malware, detras de una red cambiante de hosts comprometidos que actuan como apoderados. La infraestructura del botnet crece constantemente. No hay nada nuevo en la forma en que el siguiente T-SQL se inyecta. Sin embargo, el car\u00e1cter gen\u00e9rico del script es algo interesante para ver.<\/p>\n<p>Las siguientes 3 variantes estan siendo injectadas a traves de HTTP GET:<\/p>\n<p>&#8216;;DECLARE%20@S%20NVARCHAR(4000);SET%20@S=CAST(0x44004500 &#8230; 06F007200%20AS%20NVARCHAR(4000));EXEC(@S);&#8211;<\/p>\n<p>;DECLARE%20@S%20VARCHAR(4000);SET%20@S=CAST(0x4445434C &#8230; 736F7220%20AS%20VARCHAR(4000));EXEC(@S);&#8211;<\/p>\n<p>&#8216;;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C &#8230; 72736F72%20AS%20CHAR(4000));EXEC(@S);<\/p>\n<p>En resumen; <strong>lo que hace es a\u00f1adir ciegamente el script al valor actual de cualquier columna de la base de datos<\/strong>; o en otra de sus versiones primero verifica si la entrada\u00a0actual ya no ha sido infectada, evitando la repeticion excesiva del script. Ademas, el script T-SQL( transact SQL), no solo Inyecta codigo Javascript en la base de datos sino que tambien\u00a0agrega la etiqueta de declaracion de comentarios de HTML \u00ab&lt;!&#8211;\u00bb al final del contenido del registro infectado para que intencionalmente se oculte e\u00a0impida que el HTML sea cargado.<\/p>\n<p>Dentro del Javascript que inyecta el en la base de datos, hay un include\u00a0JS que puede figurar en cada ataque con un nombre de dominios distinto: ejemplo: (hay decenas de ellos)<\/p>\n<p>http:\/\/www.64asp.ru\/script.js<br \/>\nhttp:\/\/www.sel92.ru\/script.js\u00a0<br \/>\nhttp:\/\/www.22net.ru\/script.js\u00a0<br \/>\nhttp:\/\/www.51com.ru\/script.js<\/p>\n<p><strong>El resultado final (para los sistemas infectados) es un malware ejecutable con el nombre \u00abmsscntr32.exe\u00bb, que es instalado en el sistema como Servicio de Windows con el nombre \u00abMicrosoft Security Center Extension\u00bb.<\/strong><\/p>\n<p>Como hacer inmunes tus Aplicaciones Web y base de datos de tales ataques SQL Injection automaticos. Los siguientes fragmentos de c\u00f3digo (3.0\/VB ASP y ASP.NET \/ C #) demuestran la imperfeccion de la aplicacion con un rapido enfoque:<\/p>\n<p><code>&lt;%<\/code><\/p>\n<p>Dim strQuery<br \/>\nstrQuery = UCase(Request.ServerVariables(\u00abQUERY_STRING\u00bb))<br \/>\nstrQuery = Replace(URLDecode(strQuery), \u00bb \u00ab, \u00ab\u00bb)<br \/>\nIf InStr(strQuery,\u00bbEXEC(\u00ab) &gt; 0 OR _<br \/>\nInStr(strQuery,\u00bbSELECT\u00bb) &gt; 0 OR _<br \/>\nInStr(strQuery,\u00bbINSERT\u00bb) &gt; 0 OR _<br \/>\nInStr(strQuery,\u00bbUPDATE\u00bb) &gt; 0 OR _<br \/>\nInStr(strQuery,\u00bbDELETE\u00bb) &gt; 0 OR _<br \/>\nLen(strQuery) &gt; 500 Then<br \/>\nResponse.Write 1\/0<br \/>\nEnd If<br \/>\n%&gt;<\/p>\n<p>fuente: <a href=\"http:\/\/www.bloombit.com\/Articles\/2008\/05\/ASCII-Encoded-Binary-String-Automated-SQL-Injection.aspx\">bloombit<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ataque de Cadena ASCII (Encoded\/Binary) Automatica de SQL Injection o en ingles ASCII Encoded\/Binary String Automated SQL Injection Attack. Descripcion del Ataque: Recientemente, nos venimos cruzando con un tipo de SQL Injection muy particular e interesante, que, hasta ahora puede &hellip; <a href=\"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/\">Sigue leyendo <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":600,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[38],"tags":[39,27],"class_list":["post-52","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-seguridad","tag-sql","tag-virus"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Ataque a paginas ASP y SQL SERVER con Trojan AspRox &#183; Tech-nico.com<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ataque a paginas ASP y SQL SERVER con Trojan AspRox &#183; Tech-nico.com\" \/>\n<meta property=\"og:description\" content=\"Ataque de Cadena ASCII (Encoded\/Binary) Automatica de SQL Injection o en ingles ASCII Encoded\/Binary String Automated SQL Injection Attack. Descripcion del Ataque: Recientemente, nos venimos cruzando con un tipo de SQL Injection muy particular e interesante, que, hasta ahora puede &hellip; Sigue leyendo &rarr;\" \/>\n<meta property=\"og:url\" content=\"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/\" \/>\n<meta property=\"og:site_name\" content=\"Tech-nico.com\" \/>\n<meta property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/pages\/Tech-nico\/112469155508017\" \/>\n<meta property=\"article:published_time\" content=\"2008-09-12T05:27:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2013-06-28T15:36:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400\" \/>\n\t<meta property=\"og:image:width\" content=\"1650\" \/>\n\t<meta property=\"og:image:height\" content=\"1400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"soporte\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@nicolpo\" \/>\n<meta name=\"twitter:site\" content=\"@nicolpo\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"soporte\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/#article\",\"isPartOf\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/\"},\"author\":{\"name\":\"soporte\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#\\\/schema\\\/person\\\/fbfacdf16e18b339cd034c484e312274\"},\"headline\":\"Ataque a paginas ASP y SQL SERVER con Trojan AspRox\",\"datePublished\":\"2008-09-12T05:27:26+00:00\",\"dateModified\":\"2013-06-28T15:36:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/\"},\"wordCount\":637,\"commentCount\":1,\"publisher\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400\",\"keywords\":[\"SQL\",\"virus\"],\"articleSection\":[\"seguridad\"],\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/\",\"url\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/\",\"name\":\"Ataque a paginas ASP y SQL SERVER con Trojan AspRox &#183; Tech-nico.com\",\"isPartOf\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/#primaryimage\"},\"image\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400\",\"datePublished\":\"2008-09-12T05:27:26+00:00\",\"dateModified\":\"2013-06-28T15:36:16+00:00\",\"breadcrumb\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400\",\"width\":1650,\"height\":1400},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ataque a paginas ASP y SQL SERVER con Trojan AspRox\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#website\",\"url\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/\",\"name\":\"Tech-nico.com\",\"description\":\"Mikrotik \\\/ Ubiquiti \\\/ Programacion \\\/ Seguridad\",\"publisher\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Organization\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#organization\",\"name\":\"Tech-Nico.com\",\"url\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i1.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400\",\"contentUrl\":\"https:\\\/\\\/i1.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400\",\"width\":1650,\"height\":1400,\"caption\":\"Tech-Nico.com\"},\"image\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"http:\\\/\\\/www.facebook.com\\\/pages\\\/Tech-nico\\\/112469155508017\",\"https:\\\/\\\/x.com\\\/nicolpo\"]},{\"@type\":\"Person\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#\\\/schema\\\/person\\\/fbfacdf16e18b339cd034c484e312274\",\"name\":\"soporte\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g\",\"caption\":\"soporte\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ataque a paginas ASP y SQL SERVER con Trojan AspRox &#183; Tech-nico.com","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/","og_locale":"es_ES","og_type":"article","og_title":"Ataque a paginas ASP y SQL SERVER con Trojan AspRox &#183; Tech-nico.com","og_description":"Ataque de Cadena ASCII (Encoded\/Binary) Automatica de SQL Injection o en ingles ASCII Encoded\/Binary String Automated SQL Injection Attack. Descripcion del Ataque: Recientemente, nos venimos cruzando con un tipo de SQL Injection muy particular e interesante, que, hasta ahora puede &hellip; Sigue leyendo &rarr;","og_url":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/","og_site_name":"Tech-nico.com","article_publisher":"http:\/\/www.facebook.com\/pages\/Tech-nico\/112469155508017","article_published_time":"2008-09-12T05:27:26+00:00","article_modified_time":"2013-06-28T15:36:16+00:00","og_image":[{"width":1650,"height":1400,"url":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400","type":"image\/jpeg"}],"author":"soporte","twitter_card":"summary_large_image","twitter_creator":"@nicolpo","twitter_site":"@nicolpo","twitter_misc":{"Escrito por":"soporte","Tiempo de lectura":"3 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/#article","isPartOf":{"@id":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/"},"author":{"name":"soporte","@id":"http:\/\/www.tech-nico.com\/blog\/#\/schema\/person\/fbfacdf16e18b339cd034c484e312274"},"headline":"Ataque a paginas ASP y SQL SERVER con Trojan AspRox","datePublished":"2008-09-12T05:27:26+00:00","dateModified":"2013-06-28T15:36:16+00:00","mainEntityOfPage":{"@id":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/"},"wordCount":637,"commentCount":1,"publisher":{"@id":"http:\/\/www.tech-nico.com\/blog\/#organization"},"image":{"@id":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400","keywords":["SQL","virus"],"articleSection":["seguridad"],"inLanguage":"es","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/#respond"]}]},{"@type":"WebPage","@id":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/","url":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/","name":"Ataque a paginas ASP y SQL SERVER con Trojan AspRox &#183; Tech-nico.com","isPartOf":{"@id":"http:\/\/www.tech-nico.com\/blog\/#website"},"primaryImageOfPage":{"@id":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/#primaryimage"},"image":{"@id":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400","datePublished":"2008-09-12T05:27:26+00:00","dateModified":"2013-06-28T15:36:16+00:00","breadcrumb":{"@id":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/"]}]},{"@type":"ImageObject","inLanguage":"es","@id":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/#primaryimage","url":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400","contentUrl":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400","width":1650,"height":1400},{"@type":"BreadcrumbList","@id":"http:\/\/www.tech-nico.com\/blog\/ataque-a-paginas-asp-y-sql-server-con-trojan-asprox\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"http:\/\/www.tech-nico.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Ataque a paginas ASP y SQL SERVER con Trojan AspRox"}]},{"@type":"WebSite","@id":"http:\/\/www.tech-nico.com\/blog\/#website","url":"http:\/\/www.tech-nico.com\/blog\/","name":"Tech-nico.com","description":"Mikrotik \/ Ubiquiti \/ Programacion \/ Seguridad","publisher":{"@id":"http:\/\/www.tech-nico.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.tech-nico.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"http:\/\/www.tech-nico.com\/blog\/#organization","name":"Tech-Nico.com","url":"http:\/\/www.tech-nico.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"es","@id":"http:\/\/www.tech-nico.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/i1.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400","contentUrl":"https:\/\/i1.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400","width":1650,"height":1400,"caption":"Tech-Nico.com"},"image":{"@id":"http:\/\/www.tech-nico.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["http:\/\/www.facebook.com\/pages\/Tech-nico\/112469155508017","https:\/\/x.com\/nicolpo"]},{"@type":"Person","@id":"http:\/\/www.tech-nico.com\/blog\/#\/schema\/person\/fbfacdf16e18b339cd034c484e312274","name":"soporte","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/secure.gravatar.com\/avatar\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g","caption":"soporte"}}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/phA9Q-Q","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":58,"url":"http:\/\/www.tech-nico.com\/blog\/solucion-asprox-cleaner\/","url_meta":{"origin":52,"position":0},"title":"Solucion: ASProx Cleaner","author":"soporte","date":"septiembre 12, 2008","format":false,"excerpt":"Algo que note es que algunos antivirus, al menos es el caso de AVG 8 en IE7, lo detecta como Troyano cuando ingresas al sitio infectado. Pero en otros casos no sucede. Por lo que, al ingresar al sitio, se infecta la PC, y luego esa PC infecta otros sitios?\u2026","rel":"","context":"En \u00abseguridad\u00bb","block_context":{"text":"seguridad","link":"http:\/\/www.tech-nico.com\/blog\/category\/seguridad\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=1050%2C600 3x"},"classes":[]},{"id":816,"url":"http:\/\/www.tech-nico.com\/blog\/tip-mysql-dump-volcando-por-tablas\/","url_meta":{"origin":52,"position":1},"title":"Tip MySQL: DUMP &#8211; Volcando por tablas","author":"soporte","date":"junio 21, 2018","format":false,"excerpt":"TIP MYSQL Como exportar tablas de mysql por consola: Hay veces en que si la base de datos se hace muy grande podemos tener la necesidad de exportarla por partes. Este ejemplo lo use para exportar una base de datos mysql de Wordpress, con lo cual la tabla \"Posts\"\u00a0era la\u2026","rel":"","context":"En \u00abgeneral\u00bb","block_context":{"text":"general","link":"http:\/\/www.tech-nico.com\/blog\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=1050%2C600 3x"},"classes":[]},{"id":216,"url":"http:\/\/www.tech-nico.com\/blog\/flash-cs3-arma-tu-propio-datagrid-con-tooltips\/","url_meta":{"origin":52,"position":2},"title":"Flash CS3: Arma tu propio Datagrid con Tooltips","author":"soporte","date":"julio 5, 2011","format":false,"excerpt":"Despu\u00e9s\u00a0de tanto tiempo sin postear, me\u00a0decid\u00ed\u00a0por traerles un Datagrid (Flash) que tuve que armar en un apuro cuando necesitaba terminar uno de mis trabajos. La\u00a0aplicaci\u00f3n\u00a0era muy sencilla: Imprimir datos\u00a0de un Stored Procedure de SQL Server, por medio de un archivito en ASP, que parseado por Flash mostrara datos en pantalla.\u2026","rel":"","context":"En \u00abFlash\u00bb","block_context":{"text":"Flash","link":"http:\/\/www.tech-nico.com\/blog\/category\/programacion\/flash\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=1050%2C600 3x"},"classes":[]},{"id":172,"url":"http:\/\/www.tech-nico.com\/blog\/galeria-de-fotos-flash-con-comentarios-php\/","url_meta":{"origin":52,"position":3},"title":"Galeria de Fotos Flash II con Comentarios","author":"soporte","date":"diciembre 2, 2009","format":false,"excerpt":"Por suerte la\u00a0Galeria de Fotos en Flash y PHP (con thumbs GD) y lectura de folders tubo mucha\u00a0aceptaci\u00f3n;\u00a0as\u00ed\u00a0que\u00a0aqu\u00ed\u00a0va la \"Versi\u00f3n\u00a0del Galery en flash con comentarios\" tipo fotolog :D Como varios me lo han pedido, aqui esta la version del galery en flash con comentarios. El sistema de comentarios se basa\u2026","rel":"","context":"En \u00abFlash\u00bb","block_context":{"text":"Flash","link":"http:\/\/www.tech-nico.com\/blog\/category\/programacion\/flash\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=1050%2C600 3x"},"classes":[]},{"id":270,"url":"http:\/\/www.tech-nico.com\/blog\/crontab-y-php-enviar-logs-procesos-o-backups-via-mail\/","url_meta":{"origin":52,"position":4},"title":"Crontab y PHP: Enviar logs, procesos, o backups via mail","author":"soporte","date":"noviembre 29, 2011","format":false,"excerpt":"Algo que\u00a0surgi\u00f3\u00a0anoche en la clase de Linux (Crontab), fue casualmente \"poder hacer un backup\u00a0autom\u00e1tico\u00a0y que lo\u00a0envie\u00a0a nuestro mail\".\u00a0Todav\u00eda\u00a0no aprendimos Bash Scripting \/ Pyton \/ Perl o bien para el que esta mi\u00a0situaci\u00f3n, tenemos la alternativa de ejecutar un script PHP. Inicialmente este script hacia un dump de la base de\u2026","rel":"","context":"En \u00ablinux\u00bb","block_context":{"text":"linux","link":"http:\/\/www.tech-nico.com\/blog\/category\/linux\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&resize=1050%2C600 3x"},"classes":[]},{"id":864,"url":"http:\/\/www.tech-nico.com\/blog\/routeros-ipv6-vulnerable-todas-las-versiones\/","url_meta":{"origin":52,"position":5},"title":"RouterOS IPv6 Vulnerable {todas las versiones}","author":"soporte","date":"abril 2, 2019","format":false,"excerpt":"Sin tan solo tenes IPv6 activado y no lo estas usando, sos vulnerable a un pseudo ataque por una vulnerabilidad que esta en el Kernel de RouterOS y al parecer (Segun Normis), al ser un kernel tan viejo es muy dificil parchearlo. Problemas en el para\u00edso Hay publicaciones oficiales de\u2026","rel":"","context":"En \u00abmikrotik\u00bb","block_context":{"text":"mikrotik","link":"http:\/\/www.tech-nico.com\/blog\/category\/mikrotik\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2019\/04\/IPv6-image.jpeg?fit=500%2C292&resize=350%2C200","width":350,"height":200},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/posts\/52","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"http:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/comments?post=52"}],"version-history":[{"count":7,"href":"http:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/posts\/52\/revisions"}],"predecessor-version":[{"id":55,"href":"http:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/posts\/52\/revisions\/55"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/media\/600"}],"wp:attachment":[{"href":"http:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/media?parent=52"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/categories?post=52"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/tags?post=52"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}