看起来我的某个网站上有黑客尝试,我的报告显示以下查询字符串数据:
QUERY_STRING = ID=-999.9%20UNION%20ALL%20SELECT%200x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536-
它失败了,因为任何整数参数我总是强制转换为整数,所以如果尝试了类似的东西(经典ASP),就会出现不匹配错误。但我很困惑上面的查询是在尝试什么?它看起来不像我以前见过的任何东西。