SQL Injection Attack
Someone's been attempting to perform a SQL injection attack on my websites, but thankfully without much luck. I was running through my error and access logs this morning (whilst trying to troubleshoot an issue) and spotted this rather strange entry, well 16 of them this morning alone:
24.47.218.244 - - [28/Aug/2008:05:59:13 +0000] "GET /blog/saffer-brings-veggies-to-life
/?';DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445
...[truncated for brevity]...
%20AS%20CHAR(4000));EXEC(@S); HTTP/1.1" 200 6191 "-" "Mozilla/4.0 (compatible;
MSIE 7.0; Windows NT 5.1; FunWebProducts; .NET CLR 1.1.4322)"
The truncated part is one huge long hexadecimal string. Being the curious person that I am, I investigated these requests a bit further.
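An added example, not code from the original post: one way to find requests of this shape in an access log and decode the hexadecimal literal into text for inspection. It assumes Apache combined log format; the function names, the sample lines, the documentation-range IP addresses and the harmless `SELECT 1` payload are all constructed for illustration.

```python
import re
from urllib.parse import unquote

# Combined Log Format: client IP, timestamp, request line, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>.*?)" (?P<status>\d{3}) (?P<size>\S+)'
)
# The shape seen in the entry above: SET @S=CAST(0x<hex> AS CHAR(n)); EXEC(@S)
CAST_EXEC_RE = re.compile(
    r"CAST\s*\(\s*0x(?P<hex>[0-9a-f]+)\s+AS\s+N?(?:VAR)?CHAR\s*\(\s*\d+\s*\)\s*\)"
    r".*?EXEC\s*\(\s*@\w+\s*\)",
    re.IGNORECASE | re.DOTALL,
)

def decode_payload(hex_str):
    """Turn the 0x... literal into text for reading only; nothing is executed."""
    if len(hex_str) % 2:  # a truncated log line can cut a byte in half
        hex_str = hex_str[:-1]
    return bytes.fromhex(hex_str).decode("latin-1")

def scan(lines):
    """Return one finding per request whose URL-decoded form matches the CAST/EXEC shape."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        hit = CAST_EXEC_RE.search(unquote(m.group("req")))
        if hit:
            findings.append({
                "ip": m.group("ip"), "time": m.group("ts"),
                "status": m.group("status"),
                "decoded": decode_payload(hit.group("hex")),
            })
    return findings

# Constructed sample input (not from the post): a harmless statement, hex-encoded.
_HEX = b"SELECT 1".hex().upper()
SAMPLE = [
    '192.0.2.10 - - [01/Jan/2024:00:00:00 +0000] "GET /blog/post/?\';DECLARE%20@S%20CHAR(4000);'
    'SET%20@S=CAST(0x' + _HEX + '%20AS%20CHAR(4000));EXEC(@S); HTTP/1.1" 200 6191 "-" "Mozilla/4.0"',
    '192.0.2.11 - - [01/Jan/2024:00:01:00 +0000] "GET /blog/post/ HTTP/1.1" 200 6191 "-" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

The status field is kept in each finding, but a 200 only shows that the page was served; it does not show whether the statement ever reached a database.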