
osCommerce

The e-commerce.

Is this a hack attempt


Brian-Bear


I have seen this in my last urls list and looks a bit nasty. What are they trying to do?

 

product_info.php?products_id=1649;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F52207356C6563742061

 

any ideas


I have seen this in my last urls list and looks a bit nasty. What are they trying to do?

 

product_info.php?products_id=1649;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292...

 

any ideas

Well, it appears to be an IIS / MS-SQL injection attack. Looks like you only need to worry about it if your SQL server is Microsoft IIS. Since we're using MySQL for osCommerce (and not MS-SQL) then no worries, other than the pain of seeing the request in your logs and the extra bandwidth it generates! :)

 

If you put "CHAR(4000) injection attack" into Google you can find out about it.

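A defender-side way to answer "what are they trying to do?" for requests like the one in this thread, as an added example that is not part of the original posts: it flags access-log lines that carry a stacked T-SQL DECLARE or a CAST(0x...) literal and decodes the hex so the hidden SQL can be read. The log format, addresses, timestamps and function names are constructed for illustration; the flagged URL is the truncated one quoted above.

```python
import re
from urllib.parse import unquote

# Markers taken from the request in this thread: a stacked DECLARE after ';'
# and a hex literal handed to CAST().
STACKED_DECLARE = re.compile(r";\s*DECLARE\s+@\w+", re.I)
CAST_HEX = re.compile(r"CAST\(\s*0x([0-9a-f]+)", re.I)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+)')


def decode_cast_hex(raw_url):
    """Return the text hidden in each CAST(0x...) literal of a URL."""
    decoded = []
    for hex_run in CAST_HEX.findall(unquote(raw_url)):
        # Logs and forum posts often cut the literal short: drop a dangling nibble.
        hex_run = hex_run[: len(hex_run) - len(hex_run) % 2]
        text = bytes.fromhex(hex_run).decode("latin-1")
        decoded.append("".join(c if c.isprintable() else "." for c in text))
    return decoded


def scan(log_lines):
    """Return (line_number, raw_url, decoded_payloads) for suspicious requests."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        raw_url = match.group(1)
        url = unquote(raw_url)  # %20 -> space, so the patterns see plain T-SQL
        if STACKED_DECLARE.search(url) or CAST_HEX.search(url):
            hits.append((number, raw_url, decode_cast_hex(raw_url)))
    return hits


# Constructed sample log: addresses, timestamps and sizes are made up; the
# second request is the truncated URL quoted in the thread.
SAMPLE_LOG = [
    '198.51.100.4 - - [01/Jan/2000:10:00:00 +0000] "GET /product_info.php?products_id=1649 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [01/Jan/2000:10:00:05 +0000] "GET /product_info.php?products_id=1649;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292 HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for number, raw_url, payloads in scan(SAMPLE_LOG):
        print(f"line {number}: {raw_url[:60]}...")
        for payload in payloads:
            print("  decoded:", payload)
```

Because the URL in the thread is cut off, only the start of the hidden statement is recovered; a complete log entry would decode in full.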

Archived

This topic is now archived and is closed to further replies.
