SQL database Trojan Solution

Today, I received a call for help from Mr. Tian and rushed back to the dormitory server to check the situation. It turned out that a website was hacked and seriously damaged. The SQL database was infected with Trojans, most of the fields in all tables are repeatedly inserted with the trojan code to view logs. Fortunately, server security is not involved, but the database has encountered many exception warnings. The website does have vulnerabilities.

There is no way. I have to fix the database because they have no database backup and there is no way to restore the database. What's more, even if the transaction log is not enabled, it cannot be restored several times, there is no hope for restoring the database. I had to help them clean up the trojan Code. It is impossible to manually delete the trojan code. After all, the data is too big to be directly modified, A barely effective solution is obtained by searching around the table. Execute this SQL statement in each table.

Update tablename set @ ziduanming = replace (cast (@ ziduanming as varchar (8000), '', null)

The preceding SQL statement can be used to modify the table, field name, and replace content.

In fact, the SQL database Trojan is a relatively new method of Trojan horse mounting. As long as the website is injected and the database is connected to the database as the db owner permission, you can mount the database Trojan, it is estimated that the attack process should be automated. Through advanced scanning technology, the SQL injection vulnerabilities on tens of thousands of websites are collected in batch, and automatic SQL injection and Trojan Horse mounting are carried out against vulnerability attacks. This time, many websites may suffer. asp + mssql is the main target of attacks!

I provide a solution

Solutions for SQL database Trojan:

Correct cleaning of Trojans. Note that the database cannot be modified or deleted at will. Proceed with caution when the trojan is mounted. We recommend that you back up the data and then clean it up carefully.

If no backup is available before, use the SQL command above to fix it,

How to Prevent SQL database Trojans:

1. Clear all injection points on the website.

2. configure a reliable anti-injection program for the website.

3. It is best to filter out the website source code to limit the type and length of Characters in the database.

4. develop the habit of backing up databases frequently. You may not be able to back up your database every day, but you will also be able to back up your database every week. If you have time, you can back up your database every day.

5. It is best to ask a professional website security company to thoroughly evaluate the security of your website and server.