wordpress SQL Injection

Hong Kong was blocked by firewall for SQL Injection in query string:

Wordfence 로그상


https://mvc.auctionpro.co.kr/?page_id=-4659%29+OR+3553%3D%28SELECT+UPPER%28XMLType%28CHR%2860%29%7C%7CCHR%2858%29%7C%7CCHR%28113%29%7C%7CCHR%28107%29%7C%7CCHR%28112%29%7C%7CCHR%28113%29%7C%7CCHR%28113%29%7C%7C%28SELECT+%28CASE+WHEN+%283553%3D3553%29+THEN+1+ELSE+0+END%29+FROM+DUAL%29%7C%7CCHR%28113%29%7C%7CCHR%28120%29%7C%7CCHR%28106%29%7C%7CCHR%28113%29%7C%7CCHR%28113%29%7C%7CCHR%2862%29%29%29+FROM+DUAL%29+AND+%282278%3D2278

https://mvc.auctionpro.co.kr/?page_id=-4659)+OR+3553=(SELECT+UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(107)||CHR(112)||CHR(113)||CHR(113)||(SELECT+(CASE+WHEN+(3553=3553)+THEN+1+ELSE+0+END)+FROM+DUAL)||CHR(113)||CHR(120)||CHR(106)||CHR(113)||CHR(113)||CHR(62)))+FROM+DUAL)+AND+(2278=2278

https://mvc.auctionpro.co.kr/?page_id=-4659%29+OR+3553%3D%28SELECT+UPPER%28XMLType%28CHR%2860%29%7C%7CCHR%2858%29%7C%7CCHR%28113%29%7C%7CCHR%28107%29%7C%7CCHR%28112%29%7C%7CCHR%28113%29%7C%7CCHR%28113%29%7C%7C%28SELECT+%28CASE+WHEN+%283553%3D3553%29+THEN+1+ELSE+0+END%29+FROM+DUAL%29%7C%7CCHR%28113%29%7C%7CCHR%28120%29%7C%7CCHR%28106%29%7C%7CCHR%28113%29%7C%7CCHR%28113%29%7C%7CCHR%2862%29%29%29+FROM+DUAL%29+AND+%282278%3D2278

https://mvc.auctionpro.co.kr/?page_id=-4659)+OR+3553=(SELECT+UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(107)||CHR(112)||CHR(113)||CHR(113)||(SELECT+(CASE+WHEN+(3553=3553)+THEN+1+ELSE+0+END)+FROM+DUAL)||CHR(113)||CHR(120)||CHR(106)||CHR(113)||CHR(113)||CHR(62)))+FROM+DUAL)+AND+(2278=2278

IP 체크 하니 결과가 없습니다. 로 나옵니다.


We can't find any results. Possibly IP address is unallocated or its whois server is not available.

We can't find any results. Possibly IP address is unallocated or its whois server is not available.

sample 2


"GET /?page_id=328%2F%2A%2A%2F%22%29%29%2F%2A%2A%2FUNION%2F%2A%2A%2FALL%2F%2A%2A%2F
SELECT%2F%2A%2A%2F1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13
%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C%28CHAR%28117%29%2BCHAR%2876%29%2BCHAR%2866%29%2BCHAR%28113%29%2B%28SELECT%2F%2A%2A%2F%28CASE%2F%2A%2A%2FWHEN%2F%2A%2A%2F%288919%3D8919%29%2F%2A%2A%2FTHEN%2F%2A%2A%2FCHAR%2849%29%2F%2A%2A%2FELSE%2F%2A%2A%2FCHAR%2848%29%2F%2A%2A%2FEND%29%29%2BCHAR%28105%29%2BCHAR%2897%29%2BCHAR%2869%29%2BCHAR%28111%29%29%2C29%2C30%2C31%2C32%2C33%2C34%2C35%2C36%2C37%2F%2A%2A%2F%2F%2A%2A%2F%2F%2A%2A%2FAND%2F%2A%2A%2F%28%28%22D8eD%22%2F%2A%2A%2FLIKE%2F%2A%2A%2F%22D8eD

"GET /?page_id=328%2F%2A%2A%2F%22%29%29%2F%2A%2A%2FUNION%2F%2A%2A%2FALL%2F%2A%2A%2F

SELECT%2F%2A%2A%2F1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13

%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C%28CHAR%28117%29%2BCHAR%2876%29%2BCHAR%2866%29%2BCHAR%28113%29%2B%28SELECT%2F%2A%2A%2F%28CASE%2F%2A%2A%2FWHEN%2F%2A%2A%2F%288919%3D8919%29%2F%2A%2A%2FTHEN%2F%2A%2A%2FCHAR%2849%29%2F%2A%2A%2FELSE%2F%2A%2A%2FCHAR%2848%29%2F%2A%2A%2FEND%29%29%2BCHAR%28105%29%2BCHAR%2897%29%2BCHAR%2869%29%2BCHAR%28111%29%29%2C29%2C30%2C31%2C32%2C33%2C34%2C35%2C36%2C37%2F%2A%2A%2F%2F%2A%2A%2F%2F%2A%2A%2FAND%2F%2A%2A%2F%28%28%22D8eD%22%2F%2A%2A%2FLIKE%2F%2A%2A%2F%22D8eD


328/**/"))
/**/UNION/**/ALL
/**/SELECT/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,
(CHAR(117)+CHAR(76)+CHAR(66)+CHAR(113)+
(SELECT/**/(CASE/**/WHEN/**/(8919=8919)/**/THEN/**/CHAR(49)
/**/ELSE/**/CHAR(48)/**/END))+CHAR(105)+CHAR(97)+CHAR(69)+
CHAR(111)),29,30,31,32,33,34,35,36,37/**//**//**/AND/**/(("D8eD"/**/LIKE/**/"D8eD

328/**/"))

/**/UNION/**/ALL

/**/SELECT/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,

(CHAR(117)+CHAR(76)+CHAR(66)+CHAR(113)+

(SELECT/**/(CASE/**/WHEN/**/(8919=8919)/**/THEN/**/CHAR(49)

/**/ELSE/**/CHAR(48)/**/END))+CHAR(105)+CHAR(97)+CHAR(69)+

CHAR(111)),29,30,31,32,33,34,35,36,37/**//**//**/AND/**/(("D8eD"/**/LIKE/**/"D8eD

Solution

.htaccess 에 추가


RewriteEngine On
RewriteCond %{QUERY_STRING} (\%27)|(\')|(\-\-)|(\%23)|(#)
RewriteRule .* - [F]

RewriteEngine On

RewriteCond %{QUERY_STRING} (\%27)|(\')|(\-\-)|(\%23)|(#)

RewriteRule .* - [F]

RewriteEngine On:
RewriteCond %{QUERY_STRING} (%27)|(‘)|(–)|(%23)|(#):
*RewriteRule . – [F]**:

요약하면, 이 .htaccess 설정은 URL의 쿼리 문자열에 특정 위험한 문자가 포함된 경우, 해당 요청을 403 Forbidden 상태 코드로 차단하여 웹 사이트를 보호합니다.