数据库被批量注入解决办法(SQL语句)

针对最近老是出现的SQL注入，借鉴网上一些SQL语句，写了如下语句。希望对中招的朋友有所帮助。

使用方法：复制以下代码到SQL查询分析器，将‘<script src=http://cn.jxmmtv.com/cn.js></script>’修改成被注入的脚本。

declare @delStr nvarchar(500)

set @delStr='<script src=http://cn.jxmmtv.com/cn.js></script>'

set nocount on

declare @tableName nvarchar(100),@columnName nvarchar(100),@tbID int,@iRow int,@iResult int

declare @sql nvarchar(4000)

set @iResult=0

declare cur cursor for

select name,id from sysobjects where xtype='U'

open cur

fetch next from cur into @tableName,@tbID

while @@fetch_status=0

begin

   declare cur1 cursor for

        --xtype in (231,167,239,175) 为char,varchar,nchar,nvarchar类型35为text,99为ntext

        select name from syscolumns where xtype in (35,99) and [email protected]

   open cur1

   fetch next from cur1 into @columnName

   while @@fetch_status=0

   begin

      set @sql = 'update ['+ @tableName +']   set [' +  @columnName+ '] = replace(cast([' + @columnName + '] as varchar(8000)) ,''' + @delStr + ''','''') where ['[email protected]+'] like ''%'[email protected]+'%'''   

      --execute sp_executesql @sql  --第一次运行,先注释掉本句,查看数据库被破坏情况,根据情况选择是否启用该语句

      set @iRow=@@rowcount

      set @[email protected][email protected]

      print @sql

      fetch next from cur1 into @columnName        

      set     @sql='declare @rowValue varchar(4000);

                  declare @indexofstr int;

                  --declare @badrowcount int;

                  --declare @normalrowcount int;

                  set @badrowcount  = 0

                  set @normalrowcount = 0

                  declare cur2 cursor for select ['+ @columnName +'] from [' + @tableName + '];

                  open cur2;fetch next from cur2 into @rowValue;

                  while @@fetch_status=0

                  begin

                      select @indexofstr = charindex('''[email protected]+''',@rowValue);

                      if(@indexofstr>0)

                            set @badrowcount  = @badrowcount + 1;

                      else

                           set @normalrowcount  = @normalrowcount + 1;

                      fetch next from cur2 into @rowValue;

                  end;

                  close cur2;

                  deallocate cur2;

                  select @maxlength  = max(DATALENGTH( ['+ @columnName +']  )) from [' + @tableName + '] '

      declare @badrowcount int,@normalrowcount int,@maxlength int

      execute sp_executesql @sql,N'@badrowcount int output,@normalrowcount int output,@maxlength int output',@badrowcount output, @normalrowcount output,@maxlength output      

      print '表名:[' +  @tableName  + '] 列名:[' +  @columnName +']'

      print '包含字符串行数:'   + cast (@badrowcount as varchar(20))

      print '不包含字符串行数:' + cast (@normalrowcount as varchar(20))

      print '本列最长字符串长度:' + cast (@maxlength as varchar(20))

      print ''

   end

   close cur1

   deallocate cur1

   fetch next from cur into @tableName,@tbID

end

close cur

deallocate cur

print '数据库共有'+convert(varchar(10),@iResult)+'条记录被更新'