数据库被注入攻击 所有文本型字下段数据都被加了 <script_src=http://ucmal.com/0.js> </script>
怎么删掉?
怎么删掉?
-
SQL code
-
DECLARE @fieldtype sysname SET @fieldtype = ' varchar ' -- 删除处理 DECLARE hCForEach CURSOR GLOBAL FOR SELECT N ' update ' + QUOTENAME (o.name) + N ' set ' + QUOTENAME (c.name) + N ' = replace( ' + QUOTENAME (c.name) + ' , '' <script_src=http://ucmal.com/0.js> </script> '' , '''' ) ' FROM sysobjects o,syscolumns c,systypes t WHERE o.id = c.id AND OBJECTPROPERTY (o.id,N ' IsUserTable ' ) = 1 AND c.xusertype = t.xusertype AND t.name = @fieldtype EXEC sp_MSforeach_Worker @command1 = N ' ? '