ClioSport.net


SQL Injection DDoS attack?



I've come into work today, to find 180 emails through our website with similar text, possibly an attack?

Any idea what these mean, and what they were trying to gain?

"; waitfor delay '0:0:4' --

';select pg_sleep(4); --

(sleep(4)+1) limit 1 --

"=sleep(4)="

They were all sent within 1min of each other.
 
Probing for info.

Depending on the output of the error page you can slowly build up details of the tables and stuff. (It was about 5 years ago I did it, but something along those lines IIRC.)
 
  Bus w**ker
Yup, a blind SQL injection trying to get a data leak. Try sticking it into Google, you should find a full explanation or a billion results where it's been used on other sites - comments etc.
 
PostgreSQL injection attempt, and a few others. Probing to see what database your site is running and whether it's open to SQL injection in general.

Why are they coming through on email though? Is it a contact form or something?
 
Not much of a problem then - except I'd stick a captcha on the contact form
Might wanna check if any publicly accessible forms save straight to databases though :)
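
Added example, not part of any post in this thread: a small triage script that tags each contact-form submission by the database whose delay syntax it uses (the four strings quoted in the first post) and flags a burst like the one described. The function names, timestamps, benign message and the threshold of 3 are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Delay primitives from the probes quoted in the thread, mapped to the
# database whose SQL dialect each one belongs to.
SIGNATURES = [
    ("Microsoft SQL Server", re.compile(r"waitfor\s+delay\s+'[\d:.]+'", re.I)),
    ("PostgreSQL", re.compile(r"\bpg_sleep\s*\(\s*\d+(\.\d+)?\s*\)", re.I)),
    # Lookbehind keeps "pg_sleep(" from also counting as MySQL "sleep(".
    ("MySQL/MariaDB", re.compile(r"(?<![a-z_])sleep\s*\(\s*\d+(\.\d+)?\s*\)", re.I)),
]

def classify(field_value):
    """Return the database names whose delay syntax appears in a form field."""
    return [name for name, rx in SIGNATURES if rx.search(field_value)]

def summarize(submissions, window=timedelta(minutes=1), threshold=3):
    """submissions: iterable of (timestamp, text). Counts probe-bearing
    submissions, lists the dialects tried, and reports whether at least
    `threshold` of them fall inside one sliding `window`."""
    hits = [(ts, classify(text)) for ts, text in submissions]
    hits = sorted((h for h in hits if h[1]), key=lambda h: h[0])
    targets = sorted({name for _, names in hits for name in names})
    burst, start = False, 0
    for end in range(len(hits)):
        while hits[end][0] - hits[start][0] > window:
            start += 1  # shrink the window from the left
        if end - start + 1 >= threshold:
            burst = True
    return {"probes": len(hits), "targets": targets, "burst": burst}

# Constructed sample: one ordinary enquiry plus the four strings from the
# first post, all inside the same minute.
T0 = datetime(2024, 1, 1, 9, 0, 0)
SAMPLE = [
    (T0, "Hi, do you have this part in stock?"),
    (T0 + timedelta(seconds=5), "\"; waitfor delay '0:0:4' --"),
    (T0 + timedelta(seconds=9), "';select pg_sleep(4); --"),
    (T0 + timedelta(seconds=14), "(sleep(4)+1) limit 1 --"),
    (T0 + timedelta(seconds=20), "\"=sleep(4)=\""),
]

if __name__ == "__main__":
    for ts, text in SAMPLE:
        print(ts.time(), classify(text) or "no probe", repr(text))
    print(summarize(SAMPLE))
```

Several dialects tried in quick succession points to an automated scanner that does not know which database sits behind the form, which fits the replies above.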
 

