首先備份數據庫，以防不必要的損失。而后對所有被掛馬的小于8000字符的varchar字段執行

復制代碼 代碼如下:

update 表名 set 字段名=replace(字段名,'<Script Src=http://c.n%75clear3.com/css/c.js></Script>','')

復制代碼 代碼如下:

update 表名 set 表項=replace(cast(表項 as varchar(8000)),'<Script Src=http:/c.nuclear3.com/css/c.js> </Script> ','')

復制代碼 代碼如下:

update 表名 set 表項=replace(cast(表項 as varchar(8000)),'<Script Src=http:/c.nuclear3.com/css/c.js> </Script> ','') where id>1 and id<15000

復制代碼 代碼如下:

<%
Response.Buffer = True '緩存頁面
'防范get注入
If Request.QueryString <> "" Then StopInjection(Request.QueryString)
'防范post注入
If Request.Form <> "" Then StopInjection(Request.Form)
'防范cookies注入
If Request.Cookies <> "" Then StopInjection(Request.Cookies)
'正則子函數
Function StopInjection(Values)
Dim regEx
Set regEx = New RegExp
regEx.IgnoreCase = True
regEx.Global = True
regEx.Pattern = "'|;|#|([/s/b+()]+([email=select%7Cupdate%7Cinsert%7Cdelete%7Cdeclare%7C@%7Cexec%7Cdbcc%7Calter%7Cdrop%7Ccreate%7Cbackup%7Cif%7Celse%7Cend%7Cand%7Cor%7Cadd%7Cset%7Copen%7Cclose%7Cuse%7Cbegin%7Cretun%7Cas%7Cgo%7Cexists)[/s/b]select|update|insert|delete|declare|@|exec|dbcc|alter|drop|create|backup|if|else|end|and|or|add|set|open|close|use|begin|retun|as|go|exists)[/s/b[/email]+]*)"
Dim sItem, sValue
For Each sItem In Values
sValue = Values(sItem)
If regEx.Test(sValue) Then
Response.Write "<Script Language=javascript>alert('非法注入！你的行為已被記錄！！');history.back(-1);</Script>"
Response.End
End If
Next
Set regEx = Nothing
End function
%>