I have a website that seems to be getting more than a fair share of hacking attempts. It is not broken yet, but I would like to build a good way into the system to detect an attempt and block the IP.
Would there be a better way to find this than to just do a string search for phrases like "varchar" and "sysobjects"?
Offensive URL: http://www.example.com/default.aspx?id=58 And char (124) + (Select role (column (1) as varchar (8000)) + char (124) From [sysobjects] Where 1 = 1)> 0
Source: System.Web
Message: An exception of type "System.Web.HttpUnhandledException" was thrown.
User IP: 187.13.142.33
User Browser: Unknown 0.0
User OS: Unknown
Stack Trace: in System.Web.UI.Page.HandleError (exception e) in System.Web.UI.Page.ProcessRequestMain (Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) in System.Web.UI.Page.ProcessRequest (Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) in System.Web.UI.Page.ProcessRequest () in System.Web.UI.Page.ProcessRequestWithNoAssert (HttpContext context) in System.Web.UI.Page.ProcessRequest (HttpContext context) in ASP.default_aspx.ProcessRequest (HttpContext ) in System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute () in System.Web.HttpApplication.ExecuteStep (step IExecutionStep, logical completion synchronously)
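An added example, not part of the original question: a small detector that reads error reports laid out like the one above, checks `id` against an allow-list first and uses the keyword search only as a second signal, then counts flagged requests per IP. It assumes `id` is always a short positive integer; the threshold, the function names and the sample reports are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl

# Assumption: default.aspx only ever expects a short positive integer in "id".
EXPECTED = {"id": re.compile(r"\d{1,9}")}
# Secondary signal only: SQL keywords and catalog names, matched after decoding.
SQL_TOKENS = re.compile(
    r"\b(select|union|cast|convert|varchar|declare|exec|sysobjects|syscolumns)\b")
BLOCK_AFTER = 3  # constructed threshold: flagged requests per IP

def classify(url):
    """Return the reasons a request URL looks like an injection attempt."""
    reasons = []
    # parse_qsl percent-decodes names and values, so encoded variants are seen too.
    for name, value in parse_qsl(url.partition("?")[2], keep_blank_values=True):
        rule = EXPECTED.get(name.lower())
        if rule and not rule.fullmatch(value):
            reasons.append(f"{name}: fails allow-list")
        if SQL_TOKENS.search(value.lower()):
            reasons.append(f"{name}: SQL token")
    return reasons

def parse_reports(text):
    """Yield (url, ip) from error reports laid out like the one in the question."""
    url = None
    for line in text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "Offensive URL":
            url = value.strip()
        elif key.strip() == "User IP" and url is not None:
            yield url, value.strip()
            url = None

def ips_to_block(text):
    """Return the IPs with at least BLOCK_AFTER flagged requests."""
    hits = Counter(ip for url, ip in parse_reports(text) if classify(url))
    return {ip for ip, n in hits.items() if n >= BLOCK_AFTER}

# Constructed sample reports; the IPs are from documentation ranges.
SAMPLE = """\
Offensive URL: http://www.example.com/default.aspx?id=58 And char (124) + (Select role (column (1) as varchar (8000)) + char (124) From [sysobjects] Where 1 = 1)> 0
User IP: 203.0.113.7
Offensive URL: http://www.example.com/default.aspx?id=58%20AnD%201%3D(SeLeCt%201%20FrOm%20%5BSySoBjEcTs%5D)
User IP: 203.0.113.7
Offensive URL: http://www.example.com/default.aspx?id=58'
User IP: 203.0.113.7
Offensive URL: http://www.example.com/default.aspx?id=58
User IP: 198.51.100.20
"""
```

The third sample report contains none of the keywords and is flagged only by the allow-list check, which is the case a plain string search for "varchar" or "sysobjects" misses.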