Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SQL Injection Attack 1

Status
Not open for further replies.
GhostWolf

GhostWolf

Programmer
Jun 27, 2003
290
US
Can anyone tell me what this code is supposed to do:

0x574 14954 464f5 22044 454c4 15920 27303 03a30 303a3 13527

I've intentionally split it into 5-character groups. I noticed it had been injected, as part of a SQL Exec statement, into an input field on one of our web pages.

Fortunately, my code-behind is written to mangle any suspected SQL code so that it can't execute - but I'm still curious what it was supposed to happen.
 
Sort by date Sort by votes
The "0x" in front means it's hexadecimal, so you break it into pairs. That makes it...

Code: 
57 41 49 54 46 4f 52 20 44 45 4c 41 59 20 27 30 30 3a 30 30 3a 31 35 27

Just translating that to ASCII gets this...

Code: 
WAITFOR DELAY '00:00:15'

Sites like this can help:
 
Upvote 0 Downvote
Well, shucks! I knew what the 0x was, but just assumed they'd be inserting assembler instructions instead of disguised text instructions.

Thank you SamBones, for the link, too.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

sara1995
  • Locked
  • Question
IDS vs Firewall vs WAF for protect website against dos attacks
Replies
1
Views
342
mattKnight
mattKnight
jmkelly
  • Locked
  • Question
Interesting port-scanning attack--anyone seen this?
Replies
4
Views
149
iggsterman
iggsterman
little65
  • Locked
  • Question
New Malware Attack 1
Replies
9
Views
110
dglienna
dglienna
thegalaxyboy
  • Locked
  • Question
Policies for having identified an attack via IPS....
Replies
1
Views
66
compuveg
compuveg
kanwalgupta
  • Locked
  • Question
Configuring JDBC pooling for SQL Server 2005 on Tomcat 5.5
Replies
0
Views
42
kanwalgupta
kanwalgupta

Part and Inventory Search

Sponsor

Back
Top