Guy Ellis Rocks

C# ASP.NET SQL SERVER

SQL Injection Attack part 2

Since I last wrote about a SQL Injection Attach that one of my sites received I took measures to prevent it and now reject a URL with @(cast in it immediately and don't process it any further. This has worked well over the last year and a half and no further attacks of that type have made it into the logs.

I have now started to see URL requests with the following pattern:

...&whichpage=3%20and%20char(124)%2Buser%2Bchar(124)=0

The significant part comes after the =3:

 and |+user+|=0

No idea what they're trying to achieve with this...

Filed under: SQL Server

» Similar Posts

  1. SQL Injection Attack from 82.45.20.100
  2. notify-None_Compliance_Page
  3. lsass.exe and SQL Server pegging CPU at 100%

» Trackbacks & Pingbacks

    No trackbacks yet.
Trackback link for this post:
http://guyellisrocks.com/trackback.ashx?id=213

» Comments

    There are no comments. Kick things off by filling out the form below.

» Leave a Comment