Solved

SQL Injection Evidence? Can anybody guess at what this hacker is trying to get at?

Posted on 2009-05-07
Last Modified: 2013-11-25
I found the following trace in my logs from yesterday's site activity.

Looks to me like someone has tried an SQL injection attack on my site. I tried the query string myself to make sure I was protected, which it seems I was (I use .NET params to send to the database server).

The string doesn't look like he knows anything about my database. What do you think was being tried here?

[ 189.47.174.160, NV32ts, 189.47.174.160, http://www.site.com/cat/item.aspx?ProdId=190'+And+char(124)+(Select+Cast(Count(1)+as+varchar(8000))+char(124)+From+[sysobjects]+Where+1=1)>0+and+''=' ]
Question by:Cognize

Accepted Solution

by: Chris Harte earned 500 total points
ID: 24324085
Put that into Google and you get a few Chinese forums that are passing this around. It looks like somebody had a success with this injection and a lot of script kiddies think that all you have to do is cut and paste and it will work anywhere.

If you have an IP address that it came from in your log, find the host and report the abuse. An email saying we know what you are up to usually scares the crap out of them.

Author Closing Comment

by:Cognize
ID: 31578928
Some place in Brazil apparently. An email was sent to the web host. Doubt much will happen!
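
One way to triage a log entry like the one in the question, as an added example that is not part of the original thread: it URL-decodes the logged request and names the injection indicators found in each parameter. The sample line is the one quoted in the question; the `NUMERIC_PARAMS` allow-list, the indicator names and the patterns are assumptions made for this illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Log entry as quoted in the question (bracketed, comma-separated fields).
SAMPLE = (
    "[ 189.47.174.160, NV32ts, 189.47.174.160, "
    "http://www.site.com/cat/item.aspx?ProdId=190'+And+char(124)+"
    "(Select+Cast(Count(1)+as+varchar(8000))+char(124)+From+[sysobjects]"
    "+Where+1=1)>0+and+''=' ]"
)

# Assumption: parameters this site expects to carry a plain integer.
NUMERIC_PARAMS = {"ProdId"}

# Indicator name -> pattern, matched against the URL-decoded value.
INDICATORS = {
    "quote_breakout": re.compile(r"'"),
    "subquery": re.compile(r"\(\s*select\b", re.I),
    # sysobjects and friends are SQL Server system catalog tables: a probe
    # that names them needs no knowledge of the application's own schema.
    "system_catalog": re.compile(r"\bsys(objects|columns|databases)\b", re.I),
    "char_encoding": re.compile(r"\bchar\s*\(\s*\d+\s*\)", re.I),
    "tautology": re.compile(r"\b(\d+)\s*=\s*\1\b"),
}


def analyze(entry):
    """Return [(param, decoded_value, [indicator names])] for suspicious params."""
    match = re.search(r"https?://\S+", entry)
    if not match:
        return []
    findings = []
    query = urlsplit(match.group()).query
    for name, value in parse_qsl(query, keep_blank_values=True):
        hits = [label for label, rx in INDICATORS.items() if rx.search(value)]
        if name in NUMERIC_PARAMS and not re.fullmatch(r"[0-9]+", value):
            hits.append("non_integer_value")
        if hits:
            findings.append((name, value, sorted(hits)))
    return findings


if __name__ == "__main__":
    for name, value, hits in analyze(SAMPLE):
        print(f"{name}: {', '.join(hits)}")
        print(f"  decoded: {value}")
```

The `non_integer_value` check flags any request where a parameter expected to be numeric carries something else, so it also catches variants the pattern list does not name.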