Strange code in comment spam.

Discussion in 'Security' started by Blogspotter, Mar 19, 2008.

0
  1. #1
    I got this code below, in a comment today. Is this some kind of hacking tactic?????

    let me know your inputs...


    ' AND 1=0) UNION SELECT 1 FROM wp_users WHERE user_login='admin' and substring(reverse(lpad(conv(substring(user_pass,1,1), 16, 2),4,'0')),1,1)='1' /* (IP: 124.217.227.127 , svservers.com)
     
    Blogspotter, Mar 19, 2008 IP
  2. peepin2me

    peepin2me Well-Known Member

    Messages:
    2,097
    Likes Received:
    66
    Best Answers:
    0
    Trophy Points:
    115
    #2
    Its either for hacking or someone was just trying to scare you :)
     
    peepin2me, Mar 19, 2008 IP
  3. SEOrious Results

    SEOrious Results Peon

    Messages:
    64
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #3
    what that basically means is that someone is trying to retrieve information from the database
     
    SEOrious Results, Mar 20, 2008 IP
  4. schoash

    schoash Active Member

    Messages:
    291
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    55
    #4
    looks like a sql injection attempt
     
    schoash, Mar 20, 2008 IP
  5. joebert

    joebert Well-Known Member

    Messages:
    2,150
    Likes Received:
    88
    Best Answers:
    0
    Trophy Points:
    145
    #5
    Looks like someone trying to scare you, or a noob. The first ")" should cause the whole query to error out on bad syntax even if that section it did make it into the query.
     
    joebert, Mar 20, 2008 IP