清理数据库木马文件

 1 --说明set @str='''</title>''';把替换的木马开始字符写上去。执行就可以了

 2 

 3 declare @tableid int

 4 

 5 declare @tablename sysname

 6 

 7 declare @colid int

 8 

 9 declare @colname sysname

10 

11 declare mycursor cursor       /* 声明游标，默认为FORWARD_ONLY游标*/ 

12 

13 FOR 

14 

15 select c.id,c.name,a.colorder,a.name

16 

17 from syscolumns a

18 

19 left join systypes b

20 

21 on a.xtype=b.xusertype

22 

23 left join sysobjects c

24 

25 on a.id = c.id

26 

27 where c.xtype = 'U' 

28 

29 and c.name != 'dtproperties'

30 

31 and b.name in ('text','ntext','varchar','char','nvarchar','nchar')

32 

33 order by c.name asc,a.colorder asc

34 

35 OPEN mycursor                       /* 打开游标*/

36 FETCH NEXT from mycursor

37 

38 into @tableid,@tablename,@colid,@colname       /* 读取第一条数据*/

39 

40  

41 

42 WHILE @@FETCH_STATUS = 0         /* 用WHILE循环控制游标活动*/

43 

44  

45 

46 BEGIN 

47 declare @sql_ varchar(max);

48 /* 开始更新字段*/

49 begin try

50     declare @str varchar(max);

51     set @str='''</title>''';

52     set @sql_ = ' update '+@tablename+' set '+@colname+'= replace(cast('+@colname+' as varchar(8000)),substring('+@colname+',charindex('+@str+','+@colname+'),case when cast(charindex('+@str+','+@colname+') as int) > 0 then len(cast('+@colname+' as varchar(8000)))-charindex('+@str+','+@colname+')+1 else 0 end),'''')';

53     --exec(@sql_)

54     print(@sql_)

55 end try

56 begin catch

57     print(@sql_)

58 end catch

59 

60 /* 结束更新字段*/

61 FETCH NEXT from mycursor

62 

63 into @tableid,@tablename,@colid,@colname         /* 读取下一条数据*/ 

64 END

65 CLOSE mycursor                 /* 关闭游标*/ 

66 

67 DEALLOCATE mycursor 

View Code

 

 

直接执行即可