Home/ Questions/Q 6116947
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T15:15:52+00:00

Possible Duplicate: Site has been hacked via SQL Injection Looks like one of my

  • 0

Possible Duplicate:
Site has been hacked via SQL Injection

Looks like one of my websites had a hacker attempt on it, my reports showed the following querystring data attempted:

QUERY_STRING = ID=-999.9%20UNION%20ALL%20SELECT%200x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536-

It failed because any integer parameter I always cast to an integer so you get mismatch errors if anything like this is tried (classic ASP). But I’m confused what the query above is attempting? It doesn’t look like anything I’ve seen before.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    take a look at:
    Site has been hacked via SQL Injection

    at a first look a guess it was some automatic tool doing some blind sql injection.

    • 0