mssql 清除木马

2012-01-31
技术
暂无评论
1.41K次阅读

代码如下:

drop table te

drop function dbo.mdSQL

select a.name as Cname,b.name as tbname into te from syscolumns a,sysobjects b,systypes c
where b.xtype='U' and a.id=b.id and a.xtype=c.xtype
and c.name in ('text','ntext','varchar','nvarchar','char','nchar')

go
create function mdSQL(@tbname varchar(1000),@Cname varchar(1000),@str varchar(1000))
returns varchar(1000)
as
begin
declare @sql varchar(1000)
set @sql=''
select @sql='update '+@tbname+ ' set '+@Cname + ' = replace(cast('+@Cname+' as varchar(8000)) ,'''+@str+''','''')'
--select @sql='update '+@tbname+ ' set '+@Cname + ' = replace('+@Cname+','''+@str+''','''')'
return @sql
end
go
Declare curStudentFee Cursor
for
select dbo.mdSQL(tbname,Cname,'<script src=https://www.webshell.cc/0.js></script><script src=https://www.webshell.cc/0.js></script>') from te

Declare @iStudentFeeID varchar(1000)
--初始化
Set @iStudentFeeID=''
--打开游标
Open curStudentFee
--循环并提取记录
Fetch Next From curStudentFee Into @iStudentFeeID
While ( @@Fetch_Status=0 )
begin
exec (@iStudentFeeID)
Fetch Next From curStudentFee Into @iStudentFeeID
end

--关闭游标
Close curStudentFee

--释放游标
Deallocate curStudentFee

转载请注明来自WebShell'S Blog，本文地址：https://www.webshell.cc/2698.html

添加新评论

上一篇: DEDECMS安全设置指南
下一篇: 关于Session Fixation