Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Have you seen this?

Published: 2011-04-09
Last Updated: 2011-04-09 13:22:48 UTC
by Chris Carboni (Version: 1)
10 comment(s)

Steve writes,

"I can't put all the pieces together, but there's a malicious scheme afoot involving SQL insertion attempts and search engine optimization, I think.  Seeing logs with an insertion attempt for 0x31303235343830303536 (or "1025480056"), I googled the translated value.  There are a ton of hits on "1025480056" which include the SQL insertion attack in the link that Google presents.  Is this a magic number for Oracle, mysql or MS SQL?  Clearly evil, I'm not sure why, though."

Have you seen this before?  Do you have any idea what it is?  if so, please leave your comments.

Christopher Carboni - Handler On Duty

Keywords:
10 comment(s)

Reader's Choice

Published: 2011-04-09
Last Updated: 2011-04-09 00:11:27 UTC
by Chris Carboni (Version: 1)
10 comment(s)

Given all that is happening in the world of information security, it's not too difficult (usually) to find something to write a diary about.

What would you, our faithful readers like to see?  Are there tips or tricks you're looking for?  Do you want to see more diaries where we pose a challenge for you to solve?  Are there specific topics you would like to see?

Write to us or comment on this diary to let us know what you would like to see, or see more of.

 

Christopher Carboni - Handler On Duty

Keywords:
10 comment(s)
Diary Archives