pageoneresults - 10:07 am on May 27, 2008 (gmt 0)

Welcome to WebmasterWorld andy1!

Create a new user in the DB with read-only access, then update the connection strings in the asp pages to use that account.

The above were instructions that we sent to someone who experienced the same attack. I believe you'll also need to restore the db to a date prior to the hack.

Its a rather nasty one too. I believe it inserts the actual scripts into the sql records. It happens due to the way the sql statements are set up on the actual asp page. Apparently there is an exploit there and it all goes back to how the page was programmed. I'm not a programmer so I know just enough to get me into trouble. ;)