But what does your application do when it gets an invalid SQL statement?
Maybe it is telling the attacker something important about your database so
that they can compromise it with the appropriate injection.

On 2:36PM, Sun, Jun 21, 2015 Lester Caine <les...@lsces.co.uk> wrote:

> On 21/06/15 18:55, Richard wrote:
> >>> OK - this had no chance of success since publish_date_desc is
> >>> >> processed using the _desc ( or _asc ) and any invalid data
> >>> >> stripped
> >>> >>
> >>> >>
> >>> >> &sort_mode=publish_date_desc%20or%20(1,2)=(select*from(select%20n
> >>> >> ame_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const
> >>> >> (CHAR(111,108,111,108,111,115,104,101,114),1))a)%20--%20and%201%3
> >>> >> D1
> >>> >>
> >>> >> The question is more of interest in just what it was trying to
> >>> >> achieve? I presume hack MySQL? So Firebird would barf anyway, but
> >>> >> just trying to something that has generated some several hundred
> >>> >> error log entries in the last two days ...
> >>> >>
> >>> >> Lester Caine - G8HFL
> >>> >>
> >>> >>
> >> > The sub-query is invalid, if valid it would've been equivalent to:
> >> > or (1,2)=(select*from(select 'b2xvbG9zaGVy' as 1, 'b2xvbG9zaGVy'
> >> > as 1))a) -- and 1=1
> >> >
> >> > Seems non threatening to me.
> > Regardless of whether this specific attack could have resulted in
> > harmful sql injection or not, user input should be sanitized so that
> > things never get this far.
>
> ? That is taken direct off the URL! Sod all I can do to prevent it, but
> I was simply asking if I was missing something as it did not make any
> sense? It got no further than the error log but as I said several
> hundred attempts via a few different filter options all of which
> suggested something that was expected to work if the site was a
> vulnerable mysql powered site ... which it's not.
>
> Seems that is just a pointless URL rather than some recently identified
> potential vulnerability?
>
> --
> Lester Caine - G8HFL
> -----------------------------
> Contact - http://lsces.co.uk/wiki/?page=contact
> L.S.Caine Electronic Services - http://lsces.co.uk
> EnquirySolve - http://enquirysolve.com/
> Model Engineers Digital Workshop - http://medw.co.uk
> Rainbow Digital Media - http://rainbowdigitalmedia.co.uk
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
> --

Sent from my android

Reply via email to