MSSQL数据库被插入木马批量删除sql语句

MSSQL数据库被插入木马批量删除sql语句，一朋友服务器被批量插入了js木马，几乎每个表的文本字段都被插入了，网上找了这个sql语句，修改了下，备用。

方法一
DECLARE hCForEach CURSOR GLOBAL
FOR
SELECT N'update '+QUOTENAME()
+N' set '+ QUOTENAME() + N' = replace(' + QUOTENAME() + ','''','''')'
FROM sysobjects o,syscolumns c,systypes t
WHERE o.id=c.id
AND OBJECTPROPERTY(o.id,N'IsUserTable')=1
AND c.xusertype=t.xusertype
AND IN('varchar','nvarchar','char','nchar','text')

EXEC sp_MSforeach_Worker @command1=N'?'


为要查找的插入的js内容。








方法二
declare @t varchar(255),@c varchar(255)
declare table_cursor cursor for select ,
from sysobjects a,syscolumns b ,systypes c
where a.id=b.id and a.xtype='u' and
in ('char', 'nchar', 'nvarchar', 'varchar','text','ntext'/* --这里如果你的text(ntext)类型没有超过8000(4000)长度，才可以使用*/)
declare @str varchar(500),@str2 varchar(500)
set @str='' /*这里是你要替换的字符*/
set @str2='' /*替换后的字符*/
open table_cursor
fetch next from table_cursor
into @t,@c while(@@fetch_status=0)
begin exec('update [' + @t + '] set [' + @c + ']=replace(cast([' + @c + '] as varchar(8000)),'''+@str+''','''+ @str2 +''')')

fetch next from table_cursor
into @t,@c end close table_cursor deallocate table_cursor;