清除并防止C.JS注入MSSQL数据库

----------------- 清理数据库注入代码 ----------------

declare @delStr varchar(8000)set @delStr='<script src=http://3%62omb.com/c.js></script>'set @delStr='<script src=http://3bomb.%63%6Fm/c.js></script>'set @delStr='<script src=http://3b%6F%6Db.com/c.js></script>'set @delStr='<script src=http://%33bomb.com/c.js></script>'set @delStr='<script src=http://3bomb.co%6D/c.js></script>'set @delStr='<script src=http://3bom%62%2Ecom/c.js></script>'set @delStr='<script src=http://3b%6Fmb.com/c.js></script>'set @delStr='<script src=http://3bomb.c%6Fm/c.js></script>'set @delStr='<script src=http://%33%62omb.com/c.js></script>'

set nocount on

declare @tableName nvarchar(100),@columnName nvarchar(100),@tbID int,@iRow int,@iResult intdeclare @sql nvarchar(500)

set @iResult=0declare cur cursor forselect name,id from sysobjects where xtype='U'

open curfetch next from cur into @tableName,@tbID

while @@fetch_status=0begindeclare cur1 cursor for        --xtype in (231,167,239,175,99,35) 为char,varchar,nchar,nvarchar,ntext,text类型        select name from syscolumns where xtype in (231,167,239,175,99,35) and id=@tbID open cur1fetch next from cur1 into @columnNamewhile @@fetch_status=0begin      set @sql='update [' + @tableName + '] set ['+ @columnName +']= replace(cast(['+@columnName+'] as varchar(8000)),'''+@delStr+''','''') where ['+@columnName+'] like ''%'+@delStr+'%'''       --update tablename set fieldA=replace(cast(fieldA as varchar(8000)) ,'aa','bb')这样的语句。      exec sp_executesql @sql           set @iRow=@@rowcount      set @iResult=@iResult+@iRow      if @iRow>0      beginprint '表：'+@tableName+' ,列:'+@columnName+'被更新'+convert(varchar(10),@iRow)+'条记录;'      end           fetch next from cur1 into @columnName

endclose cur1deallocate cur1

fetch next from cur into @tableName,@tbIDendprint '数据库共有'+convert(varchar(10),@iResult)+'条记录被更新!!!'

close curdeallocate curset nocount off

----------------彻底杜绝SQL注入 ---------------1.不要使用sa用户连接数据库 2、新建一个public权限数据库用户，并用这个用户访问数据库 3、[用户]用户名称-> 右键－属性－权限－在sysobjects与syscolumns上面打“×” 4、[角色]去掉角色public对sysobjects与syscolumns对象的select访问权限 5、通过以下代码检测（失败表示权限正确，如能显示出来则表明权限太高）： DECLARE   @T   varchar(255), @C   varchar(255) DECLARE   Table_Cursor   CURSOR   FOR Select   a.name,b.name   from   sysobjects   a,syscolumns   b where   a.id=b.id   and   a.xtype= 'u '   and   (b.xtype=99   or   b.xtype=35   or   b.xtype=231   or   b.xtype=167)OPEN   Table_CursorFETCH   NEXT   FROM   Table_Cursor   INTO   @T,@CWHILE(@@FETCH_STATUS=0) BEGIN   print   @cFETCH   NEXT   FROM   Table_Cursor   INTO   @T,@CENDCLOSE   Table_CursorDEALLOCATE   Table_Cursor

 

本文来自博客，转载请标明出处：http://blog.csdn.net/ZBzibing/archive/2009/05/08/4160903.aspx