MS SQL SERVER批量删除木马的语句
drop table te
drop function dbo.mdSQL
select a.name as Cname,b.name as tbname into te from syscolumns a,sysobjects b,systypes c
where b.xtype='U' and a.id=b.id and a.xtype=c.xtype
and c.name in ('text','ntext')
--上边语句用于text类型
--and c.name in ('varchar','nvarchar','char','nchar')
go
create function mdSQL(@tbname varchar(1000),@Cname varchar(1000),@str varchar(1000))
returns varchar(1000)
as
begin
declare @sql varchar(1000)
set @sql=''
select @sql='update '+@tbname+ ' set '+@Cname + ' = replace(cast('+@Cname+' as varchar(8000)) ,'''+@str+''','''')' --select @sql='update '+@tbname+ ' set '+@Cname + ' = replace('+@Cname+','''+@str+''','''')'
return @sql
end
go
select dbo.mdSQL(tbname,Cname,'<script src=http://XXX的SB网站,加马的生孩子没P眼/c.js></script>') from te
以上语句可生成SQL语句,执行一次,可清除所有文本字段内的恶意代码内容
drop function dbo.mdSQL
select a.name as Cname,b.name as tbname into te from syscolumns a,sysobjects b,systypes c
where b.xtype='U' and a.id=b.id and a.xtype=c.xtype
and c.name in ('text','ntext')
--上边语句用于text类型
--and c.name in ('varchar','nvarchar','char','nchar')
go
create function mdSQL(@tbname varchar(1000),@Cname varchar(1000),@str varchar(1000))
returns varchar(1000)
as
begin
declare @sql varchar(1000)
set @sql=''
select @sql='update '+@tbname+ ' set '+@Cname + ' = replace(cast('+@Cname+' as varchar(8000)) ,'''+@str+''','''')' --select @sql='update '+@tbname+ ' set '+@Cname + ' = replace('+@Cname+','''+@str+''','''')'
return @sql
end
go
select dbo.mdSQL(tbname,Cname,'<script src=http://XXX的SB网站,加马的生孩子没P眼/c.js></script>') from te
以上语句可生成SQL语句,执行一次,可清除所有文本字段内的恶意代码内容
顶(0)
踩(1)
- 最新评论