The folks over at Early Impact (makers of ProductCart) have released a tool to help remove JavaScript code from a SQL database that may have been hacked as part of the SQL Injection attacks taking place today on the Internet. Here’s the details from their newsletter and a link to the SQL query you can execute. Please be warned, I haven’t tested this so make sure you have a backup before executing it (just in case):
If your database is hacked
If your store is hacked (JavaScript code added to fields such as product names and descriptions), follow these steps
- Turn off the store
- Clean up the database by either:
- Restoring a back-up copy
- Running a query symmetrical to the offending query (download the SQL query here). Load the query in MS SQL query analyzer and run it multiple times until it says that “0 rows were affected”. Ask your Web master to do this for you, or open a support ticket with Early Impact. Note that this method might not be 100% effective.
- Make sure that you have installed the updated files above (and any other files that might be released related to this Security Alert).
- Re-open the store