If you have been attacked don't feel bad as an Internet search of "b.js" reveals tens of thousands of hacked sites.
The attack cleverly appends a series of SQL commands onto your querystrings and if your code is unprotected, and you don't use Access databases, the commands may be passed on to your SQL server and the damage done.
However, this attack could render your website as "unsafe" in search engine results.
Reversing the Damage
We are also extremely fortunate that the changes can be easily reversed with a few changes of the attackers original SQL commands.
Simply execute the following to clean up the damage. If you have been attacked multiple times (ie. you have multiple script blocks appended to your SQL data) then you will need to execute the following script for each attack.
by John Avis | May 6, 2020
If you are having intermittent problems sending email in .NET using System.Net.Mail consider switching libraries.
by John Avis | November 4, 2019
As support ends for Microsoft Windows Server 2008 I have recently gone through migrating some websites to a new server running Windows Server 2016 and IIS 10 but some of the websites did not work.
by John Avis | October 15, 2019
For a website project I needed a way to enter multiple tags. I just wanted something simple that I could easily modify to suit my own needs, so I wrote my own.