sqlserver 数据库被注入解决方案 |
|
本文标签:数据库,被注入 复制代码 代码如下: declare @delStr nvarchar(500) set @delStr=<script src=http://www.kansm.com/js/common.js></script> --这里被注入的字段串 /****************************************/ /**********以下为操作实体************/ set nocount on declare @tableName nvarchar(100),@columnName nvarchar(100),@tbID int,@iRow int,@iResult int declare @sql nvarchar(2000) set @iResult=0 declare cur cursor for select name,id from sysobjects where xtype=U open cur fetch next from cur into @tableName,@tbID while @@fetch_status=0 begin declare cur1 cursor for select name from syscolumns where xtype in (231,167,239,175, 35, 99) and id=@tbID open cur1 fetch next from cur1 into @columnName while @@fetch_status=0 begin set @sql=update [ + @tableName + ] set [+ @columnName +]= SUBSTRING([ + @columnName + ], + 1, PATINDEX( % + @delStr + %, [ + @columnName + ])-1) + + SUBSTRING([ + @columnName + ], PATINDEX( % + @delStr + %, [ + @columnName + ]) + + len( + @delStr + ) , datalength([ + @columnName + ])) where [+@columnName+] like %+@delStr+% exec sp_executesql @sql set @iRow=@@rowcount set @iResult=@iResult+@iRow if @iRow>0 begin print 表:+@tableName+,列:+@columnName+被更新+convert(varchar(10),@iRow)+条记录; end fetch next from cur1 into @columnName end close cur1 deallocate cur1 fetch next from cur into @tableName,@tbID end print 数据库共有+convert(varchar(10),@iResult)+条记录被更新!!! close cur deallocate cur set nocount off |
