What does this URL attempt to do?

[WMX]

What exactly is someone attempting by accessing this url on my site?

Code:

/?;DECLARE @S CHAR(4000);SET @S=CAST(0x4445434 <snipped about 1200 chars> 736F72 AS CHAR(4000));EXEC(@S);

Obviously they are trying to set a variable and execute the contents. But what are they attempting exactly and under what conditions would it be successful? Thanks

[Mittineague]

I'm sure the answer is in the "snipped about 1200 chars".
I'm also sure the code is obfuscated. To see what it "tranlates" to, if you're willing to take the chance (carefully weigh the risk against your curiosity), run the code without the exec(). Instead try changing that to echo(@s) - PHP, or document.write(@s) - javascript.

[alex.w747]

This may be successful when your site has SQL injection. For example, when it queries database for content which corresponds current URL and the URL is not escaped then you may have SQL injection.

[Crazybanana]

yep it looks like a SQL injection attack. by appending the string to a url request they can be able to modify the field values of your database table to include the following string