haxor mysql injection attempts question

Discussion in 'MySQL' started by Nigel Lew, Feb 6, 2011.

  1. #1
    Hi folks, can someone decode this plop for me? Or clue me in to what the purpose of this is...

    declare @q varchar(8000) select @q = 0x57414954464F522044454C4159202730303A30303A323027 print @q

    I have a Magento site that is seeing a good bit of this pasted into the search on one of my clients' sites.

    thanks,
    Nigel
     
    Nigel Lew, Feb 6, 2011
  2. moads

    #2
    They are setting a variable and trying to recall it to attempt to access MySQL it seems.
     
    moads, Feb 7, 2011
  3. rayqsl

    #3
    How does that code let them access MySQL?
     
    rayqsl, Feb 7, 2011
  4. georgiivanov

    #4
    The whole statement is Transact-SQL, which is used in Microsoft SQL Server.

    0x57414954464F522044454C4159202730303A30303A323027 means WAITFOR DELAY '00:00:20'

    The purpose of this statement is to make a delay inside the database for 20 seconds. I guess it is some kind of jerk-attack on your site.
     
    georgiivanov, Feb 10, 2011
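
Added example (not part of the original thread, and not any poster's code): a small Python triage helper that decodes hex literals found in logged search terms and flags time-delay probes such as the `WAITFOR DELAY` payload decoded in post #4. The function names and the sample search terms are constructed for illustration, and the delay markers other than `WAITFOR DELAY` go beyond what the thread mentions.

```python
import re
from urllib.parse import unquote_plus

# A SQL hex literal: 0x followed by at least four whole bytes of hex digits.
HEX_LITERAL = re.compile(r"0[xX]((?:[0-9A-Fa-f]{2}){4,})")

# Strings that mark a time-based blind-injection probe once decoded.
# WAITFOR DELAY (SQL Server) is the one from this thread; SLEEP( and
# BENCHMARK( (MySQL) and PG_SLEEP( (PostgreSQL) are added equivalents.
DELAY_MARKERS = ("WAITFOR DELAY", "SLEEP(", "PG_SLEEP(", "BENCHMARK(")


def decode_hex_literals(text):
    """Return the decoding of each hex literal that is printable ASCII."""
    decoded = []
    for match in HEX_LITERAL.finditer(text):
        raw = bytes.fromhex(match.group(1))
        try:
            candidate = raw.decode("ascii")
        except UnicodeDecodeError:
            continue  # binary data (for example a colour code or an ID)
        if candidate.isprintable():
            decoded.append(candidate)
    return decoded


def triage(search_term):
    """Classify one logged search term (URL-encoded or plain)."""
    term = unquote_plus(search_term)
    decoded = decode_hex_literals(term)
    # Check the visible text and the hidden text together.
    haystack = " ".join([term] + decoded).upper()
    markers = [m for m in DELAY_MARKERS if m in haystack]
    return {"decoded": decoded, "delay_probe": bool(markers), "markers": markers}


# Constructed sample input: search terms as they might appear in an access log.
# The second entry is the payload from post #1, URL-encoded.
SAMPLE_TERMS = [
    "blue+widget",
    "declare+%40q+varchar(8000)+select+%40q+%3D+"
    "0x57414954464F522044454C4159202730303A30303A323027+print+%40q",
    "0xDEADBEEF12",
]

if __name__ == "__main__":
    for term in SAMPLE_TERMS:
        print(term[:40], "->", triage(term))
```

A site that is actually injectable on SQL Server would answer such a request about 20 seconds late, so hits from this helper are worth correlating with response times in the same log.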