We have been receiving SQL injection attacks on our system and I have a couple of questions I hope someone can answer. Both of the strings below are query strings that were captured in our IIS logs from the same person (one of many of each).
For this first one, we have no idea what they are trying to do with that string. Has anyone seen a query string SQL Injection string like this, and if so, can you tell me what it is trying to do?
|63|80040e07|Conversion_failed_when_converting_the_nvarchar_value_‘R!2^fowler^[email protected]^o5ZGYrLblOj4fujhKejW4EABCRyw0J2qOP6FgdhAjxA=^_^Admin^Disabled^0^Jan__1_2000_12:00AM^Jan__1_1900_12:00AM^0!R’_to_data_type_int.
This second one appears to us to be an obvious SQL injection string. We are wondering why Cloudflare let it through. Shouldn’t Cloudflare have blocked this?
Reference=%28SELECT%20%28CASE%20WHEN%20%287094%3D7094%29%20THEN%20%27Registratio%27%20ELSE%20%28SELECT%206630%20UNION%20SELECT%202171%29%20END%29%29
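An added example, not part of the original post: Python detection logic a defender could run over IIS query-string fields like the two quoted above, decoding each entry and tagging the boolean `CASE WHEN` probe, the `UNION SELECT`, and the 80040e07 conversion error whose text echoes a database value. The rule names, the `normalize` and `classify` helpers and the sample lines are assumptions constructed for illustration; the second sample replaces the logged values with a placeholder.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines modelled on the two strings quoted in the post
# (logged values replaced with placeholders), plus one benign request.
SAMPLE_LINES = [
    "Reference=%28SELECT%20%28CASE%20WHEN%20%287094%3D7094%29%20THEN%20%27Registratio%27"
    "%20ELSE%20%28SELECT%206630%20UNION%20SELECT%202171%29%20END%29%29",
    "|63|80040e07|Conversion_failed_when_converting_the_nvarchar_value_'R!2^user^PLACEHOLDER!R'"
    "_to_data_type_int.",
    "Reference=Registration",
]

RULES = {
    # CASE WHEN (n=n) with the same number on both sides: a boolean test probe
    "case_when_tautology": re.compile(r"case\s+when\s*\(?\s*(\d+)\s*=\s*\1\b", re.I),
    "union_select": re.compile(r"\bunion\s+(all\s+)?select\b", re.I),
    # a parameter whose value starts with a parenthesised sub-select
    "subquery_in_param": re.compile(r"=\s*\(\s*select\b", re.I),
    # error 80040e07 whose message echoes a database value back to the client
    "conversion_error_leak": re.compile(
        r"80040e07\|conversion failed when converting the \w+ value", re.I),
}

def normalize(line: str) -> str:
    """URL-decode the field and turn the underscores in the logged text into spaces."""
    return unquote_plus(line).replace("_", " ")

def classify(line: str) -> list[str]:
    """Return the sorted names of every rule that matches the decoded line."""
    text = normalize(line)
    return sorted(name for name, rx in RULES.items() if rx.search(text))

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        print(classify(line) or ["clean"], "<-", normalize(line)[:70])
```

A `conversion_error_leak` hit is the one to triage first, because it means the database returned an error to the requester with a stored value embedded in the message.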