清除sql数据库挂马代码

楼主^#

更多发布于：2011-10-03 10:59

[] 1


	declare @delStr nvarchar(500) –set @delStr=’<script src=http://www.atcpu.com /cn.js>’ set @delStr=’<script src=http://www.atcpu.com /cn.js></script>’ /**************************************/ /******以下为操作实体**********/ set nocount on declare @tableName nvarchar(100),@columnName nvarchar(100),@tbID int,@iRow int,@iResult int declare @sql nvarchar(500) set @iResult=0 declare cur cursor for select name,id from sysobjects where xtype=’U’ open cur fetch next from cur into @tableName,@tbID while @@fetch_status=0 begin declare cur1 cursor for –xtype in (231,167,239,175) 为char,varchar,nchar,nvarchar类型 select name from syscolumns where xtype in (231,167,239,175) and id=@tbID open cur1 fetch next from cur1 into @columnName while @@fetch_status=0 begin set @sql=’update [' + @tableName + '] set ['+ @columnName +']= replace(convert(varchar(1000),['+@columnName+']),”’+@delStr+”’,””) where ['+@columnName+'] like ”%’+@delStr+’%”’ exec sp_executesql @sql set @iRow=@@rowcount set @iResult=@iResult+@iRow if @iRow>0 begin print ‘表：’+@tableName+’,列:’+@columnName+’被更新’+convert(varchar(10),@iRow)+’条记录;’ end fetch next from cur1 into @columnName end close cur1 deallocate cur1 declare cur2 cursor for –xtype in (99,35) 为ntext,text类型 select name from syscolumns where xtype in (99,35) and id=@tbID open cur2 fetch next from cur2 into @columnName while @@fetch_status=0 begin set @sql=’update [' + @tableName + '] set ['+ @columnName +']= replace(convert(nvarchar(1000),['+@columnName+']),”’+@delStr+”’,””) where ['+@columnName+'] like ”%’+@delStr+’%”’ exec sp_executesql @sql set @iRow=@@rowcount set @iResult=@iResult+@iRow if @iRow>0 begin print ‘表：’+@tableName+’,列:’+@columnName+’被更新’+convert(varchar(10),@iRow)+’条记录;’ end fetch next from cur2 into @columnName end close cur2 deallocate cur2 fetch next from cur into @tableName,@tbID end print ‘数据库共有’+convert(varchar(10),@iResult)+’条记录被更新!!!’ close cur deallocate cur set nocount off from：webshell.cc