数据库被批量注入解决办法(SQL语句)
|
admin
2011年1月30日 21:47
本文热度 3440
|
针对最近老是出现的SQL注入,借鉴网上一些SQL语句,写了如下语句。希望对中招的朋友有所帮助。
使用方法:复制以下代码到SQL查询分析器,将‘<script src=http://cn.jxmmtv.com/cn.js></script>’修改成被注入的脚本。
declare @delStr nvarchar(500)
set @delStr='<script src=http://cn.jxmmtv.com/cn.js></script>'
set nocount on
declare @tableName nvarchar(100),@columnName nvarchar(100),@tbID int,@iRow int,@iResult int
declare @sql nvarchar(4000)
set @iResult=0
declare cur cursor for
select name,id from sysobjects where xtype='U'
open cur
fetch next from cur into @tableName,@tbID
while @@fetch_status=0
begin
declare cur1 cursor for
--xtype in (231,167,239,175) 为char,varchar,nchar,nvarchar类型35为text,99为ntext
select name from syscolumns where xtype in (35,99) and id=@tbID
open cur1
fetch next from cur1 into @columnName
while @@fetch_status=0
begin
set @sql = 'update ['+ @tableName +'] set [' + @columnName+ '] = replace(cast([' + @columnName + '] as varchar(8000)) ,''' + @delStr + ''','''') where ['+@columnName+'] like ''%'+@delStr+'%'''
--execute sp_executesql @sql --第一次运行,先注释掉本句,查看数据库被破坏情况,根据情况选择是否启用该语句
set @iRow=@@rowcount
set @iResult=@iResult+@iRow
print @sql
fetch next from cur1 into @columnName
set @sql='declare @rowValue varchar(4000);
declare @indexofstr int;
--declare @badrowcount int;
--declare @normalrowcount int;
set @badrowcount = 0
set @normalrowcount = 0
declare cur2 cursor for select ['+ @columnName +'] from [' + @tableName + '];
open cur2;fetch next from cur2 into @rowValue;
while @@fetch_status=0
begin
select @indexofstr = charindex('''+@delStr+''',@rowValue);
if(@indexofstr>0)
set @badrowcount = @badrowcount + 1;
else
set @normalrowcount = @normalrowcount + 1;
fetch next from cur2 into @rowValue;
end;
close cur2;
deallocate cur2;
select @maxlength = max(DATALENGTH( ['+ @columnName +'] )) from [' + @tableName + '] '
declare @badrowcount int,@normalrowcount int,@maxlength int
execute sp_executesql @sql,N'@badrowcount int output,@normalrowcount int output,@maxlength int output',@badrowcount output, @normalrowcount output,@maxlength output
print '表名:[' + @tableName + '] 列名:[' + @columnName +']'
print '包含字符串行数:' + cast (@badrowcount as varchar(20))
print '不包含字符串行数:' + cast (@normalrowcount as varchar(20))
print '本列最长字符串长度:' + cast (@maxlength as varchar(20))
print ''
end
close cur1
deallocate cur1
fetch next from cur into @tableName,@tbID
end
close cur
deallocate cur
print '数据库共有'+convert(varchar(10),@iResult)+'条记录被更新'
该文章在 2011/1/30 21:47:07 编辑过