If you have been attacked don't feel bad as an Internet search of "b.js" reveals tens of thousands of hacked sites.
The attack cleverly appends a series of SQL commands onto your querystrings and if your code is unprotected, and you don't use Access databases, the commands may be passed on to your SQL server and the damage done.
However, this attack could render your website as "unsafe" in search engine results.
Reversing the Damage
We are also extremely fortunate that the changes can be easily reversed with a few changes of the attackers original SQL commands.
Simply execute the following to clean up the damage. If you have been attacked multiple times (ie. you have multiple script blocks appended to your SQL data) then you will need to execute the following script for each attack.
by John Avis | March 21, 2017
I recently needed to change a client's website to send emails using Amazon SES and encountered a few issues.
by John Avis | June 8, 2016
Although probably no one cares about Classic ASP, except those who still need to support it, I was refreshing my memory today on how to use classes in Classic ASP and found a couple of options for simulating constructors with parameters.
by John Avis | July 31, 2015
As of July 2015, many of my Classic ASP websites have started logging strange errors, either 80004005 or not reporting any error code at all.