mushorg / glastopf

Web Application Honeypot
http://glastopf.org
550 stars 170 forks

Glastopf doesn't recognize a UNION ALL attack #243

Closed bunk3r closed 6 years ago

bunk3r commented 9 years ago

I have a lot of tries in the MySQL DB using UNION ALL, like this:

http://nowhere.purificato.org/phpmanager/HTTP/newsticker_info.php?idn=999999.9+UnIoN+AlL+SeLeCt+0x393133353134353632312e39,0x393133353134353632322e39,0x393133353134353632332e39,0x393133353134353632342e39,0x393133353134353632352e39,0x393133353134353632362e39,0x393133353134353632372e39,0x393133353134353632382e39,0x393133353134353632392e39,0x39313335313435363231302e39,0x39313335313435363231312e39,0x39313335313435363231322e39,0x39313335313435363231332e39,0x39313335313435363231342e39,0x39313335313435363231352e39,0x39313335313435363231362e39,0x39313335313435363231372e39,0x39313335313435363231382e39,0x39313335313435363231392e39

but they are not recognized as attacks by glastopf.

It should be useful, I think, to parse the 'UNION ALL' string as SQL injection. I'm currently very busy and I don't have the time to study and modify the code, so don't blame me if I only notify here about the issue without contributing :)

Hope this helps.
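One way to implement the check suggested above, as an added example that is not part of the original post and is not Glastopf's own code: decode each query parameter, match `UNION [ALL] SELECT` regardless of case, and decode the hex literals so an analyst can see the column markers. The function name, the `sqli_union` label and the `honeypot.example` host are assumptions; the sample URL is constructed from the first three values of the request quoted in the post.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# UNION [ALL|DISTINCT] SELECT in any letter case, keywords separated by whitespace.
UNION_SELECT = re.compile(r"\bunion\s+(?:(?:all|distinct)\s+)?select\b", re.IGNORECASE)
# MySQL-style hex string literal: 0x followed by whole bytes.
HEX_LITERAL = re.compile(r"\b0x((?:[0-9a-f]{2})+)\b", re.IGNORECASE)

# Constructed sample: same path, parameter and payload shape as the logged request,
# shortened to three columns and pointed at a placeholder host.
SAMPLE_URL = (
    "http://honeypot.example/phpmanager/HTTP/newsticker_info.php"
    "?idn=999999.9+UnIoN+AlL+SeLeCt+0x393133353134353632312e39,"
    "0x393133353134353632322e39,0x393133353134353632332e39"
)


def classify_request(url):
    """Return details of a UNION-based SQL injection attempt in the query string, or None.

    The returned label "sqli_union" is a hypothetical classification name.
    """
    # parse_qsl percent-decodes each value and turns '+' into a space, so the
    # regex sees "UnIoN AlL SeLeCt" the way the database would.
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if UNION_SELECT.search(value):
            # Decode hex literals: scanners use them as per-column markers
            # that they later look for in the response body.
            markers = [
                bytes.fromhex(digits).decode("latin-1")
                for digits in HEX_LITERAL.findall(value)
            ]
            return {"pattern": "sqli_union", "parameter": name, "hex_markers": markers}
    return None


if __name__ == "__main__":
    print(classify_request(SAMPLE_URL))
```

The decoded markers differ only in the digit before `.9`, which is the column index the scanner is probing.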

glaslos commented 6 years ago

This is a won't fix. Please use https://github.com/mushorg/snare if this is an issue for you.