(case When (7365=7365) Then Char(49) Else Char(48) End)) Char(113) Char(113) Char(98) Char(113) Char(113))) And ('armv'='armv | {keyword}') And 7365=convert(int,(select Char(113) Char(98) Char(113) Char(118) Char(113) (select
It asks the database to check if the number 7365 is equal to a value it generates.
The AND ('aRMv'='aRMv at the end is used to balance out the remaining syntax of the original query so the site doesn't crash or show a standard error. It asks the database to check if the
It looks like you’ve shared a snippet of , likely used in security testing or by automated vulnerability scanners. It uses ') to try and close an
It uses ') to try and close an existing data field so it can start running its own commands. If the database processes this and returns a
The CASE WHEN (7365=7365) is a "True/False" test. Since it’s true, it returns CHAR(49) (the number 1). If the database processes this and returns a "1" or a success message, the person running the code knows the site is vulnerable.
Are you currently on a application, or did you find this string in your website's server logs ?
- Biblioteca de Catalunya
Creative Commons - |
- Carrer de l'Hospital, 56. 08001 Barcelona. Tlf.:+34 93 270 23 00. Fax: +34 93 270 23 04
- |
-
alternate_email - |
- Alguns drets reservats
- |
- Nota tecnica
- |
- Avís legal