日韩欧美国产精品免费一二-日韩欧美国产精品亚洲二区-日韩欧美国产精品专区-日韩欧美国产另-日韩欧美国产免费看-日韩欧美国产免费看清风阁

針對最近老是出現的SQL注入，借鑒網上一些SQL語句，寫了如下語句。希望對中招的朋友有所幫助。

使用方法：復制以下代碼到SQL查詢分析器，將‘<script src=http://cn.jxmmtv.com/cn.js></script>’修改成被注入的腳本。

declare @delStr nvarchar(500)
set @delStr='<script src=http://cn.jxmmtv.com/cn.js></script>'

set nocount on

declare @tableName nvarchar(100),@columnName nvarchar(100),@tbID int,@iRow int,@iResult int
declare @sql nvarchar(4000)

set @iResult=0
declare cur cursor for
select name,id from sysobjects where xtype='U'

open cur
fetch next from cur into @tableName,@tbID

while @@fetch_status=0
begin
   declare cur1 cursor for
        --xtype in (231,167,239,175) 為char,varchar,nchar,nvarchar類型35為text,99為ntext
        select name from syscolumns where xtype in (35,99) and id=@tbID
   open cur1
   fetch next from cur1 into @columnName
   while @@fetch_status=0
   begin
  
             
      set @sql = 'update ['+ @tableName +']   set [' +  @columnName+ '] = replace(cast([' + @columnName + '] as varchar(8000)) ,''' + @delStr + ''','''') where ['+@columnName+'] like ''%'+@delStr+'%'''   
      --execute sp_executesql @sql  --第一次運行,先注釋掉本句,查看數據庫被破壞情況,根據情況選擇是否啟用該語句
     
      set @iRow=@@rowcount
      set @iResult=@iResult+@iRow
      print @sql
      fetch next from cur1 into @columnName        
      set     @sql='declare @rowValue varchar(4000);
                  declare @indexofstr int;
                  --declare @badrowcount int;
                  --declare @normalrowcount int;
                  set @badrowcount  = 0
                  set @normalrowcount = 0
                  declare cur2 cursor for select ['+ @columnName +'] from [' + @tableName + '];
                  open cur2;fetch next from cur2 into @rowValue;
                  while @@fetch_status=0
                  begin
                      select @indexofstr = charindex('''+@delStr+''',@rowValue);
                         
                      if(@indexofstr>0)
                            set @badrowcount  = @badrowcount + 1;
                      else

                           set @normalrowcount  = @normalrowcount + 1;
                      fetch next from cur2 into @rowValue;
                  end;
                  close cur2;
                  deallocate cur2;
                  select @maxlength  = max(DATALENGTH( ['+ @columnName +']  )) from [' + @tableName + '] '
      declare @badrowcount int,@normalrowcount int,@maxlength int
      execute sp_executesql @sql,N'@badrowcount int output,@normalrowcount int output,@maxlength int output',@badrowcount output, @normalrowcount output,@maxlength output      
      print '表名:[' +  @tableName  + '] 列名:[' +  @columnName +']'
      print '包含字符串行數:'   + cast (@badrowcount as varchar(20))
      print '不包含字符串行數:' + cast (@normalrowcount as varchar(20))
      print '本列最長字符串長度:' + cast (@maxlength as varchar(20))
      print ''
     
   end
   close cur1
   deallocate cur1
  
   fetch next from cur into @tableName,@tbID
end
close cur
deallocate cur
print '數據庫共有'+convert(varchar(10),@iResult)+'條記錄被更新'