gpt4 book ai didi

SQL 注入(inject)尝试,此查询尝试做什么?

转载 作者:行者123 更新时间:2023-12-04 18:25:27 24 4
gpt4 key购买 nike

<分区>

Possible Duplicate:
Site has been hacked via SQL Injection

看起来我的一个网站遭到黑客攻击,我的报告显示尝试了以下查询字符串数据:

QUERY_STRING = ID=-999.9%20UNION%20ALL%20SELECT%200x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536-

它失败了,因为我总是将任何整数参数转换为整数,所以如果尝试这样的事情(经典的 ASP),你会得到不匹配的错误。但是我很困惑上面的查询在尝试什么?它看起来不像我以前见过的任何东西。

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com