Someone posted a comment to this blog earlier, looks like they were trying to use SQL injection to beat the spam filters or it may have been a real person trying their luck.
Anyway I find this stuff pretty interesting so I thought I would post the attack, here is what he posted:
Bill883205666','firstname.lastname@example.org','','10.134.123.1','2008-06-14 08:04:27','2008-06-14 08:04:27','','0','lynx','comment','0','0'),('0', '', '', '', '', '008-06-15 08:04:27', '2008-06-15 08:04:27', '', 'spam', '', 'comment', '0','0' ) /* | None | IP: 18.104.22.168
I think it’s pretty clever how he tries to make the SQL post his message with a fake IP address. I’m also really curious why he takes the trouble to add a fake spam comment to the end of the query.
I looked up the IP address it seems to be associated with a shared server provided by svservers.com. I guess this guy didn’t get a private IP address.
Results 22.214.171.124 resolves to "svservers.com" Top Level Domain: "svservers.com" Country IP Address: MALAYSIA
Anyway that’s all for now. If anyone could explain more about what he’s up to I would be interested to hear it.
Edit2: I no longer use a database at all for the blog! Unfortunately, in the transition, the quotes from the SQL have been munged somewhat. Hopefully, I’ve got them right…