標籤:
網上的很多不能正確解密,出現空白,還好有這個,mark下了。
Create PROCEDURE [dbo].[sp_windbidecrypt] (@procedure sysname = NULL, @revfl int = 1) AS /***********************************************************原王成輝翻譯整理 串連sqlcmd文法:sqlcmd -A -d databasename -o c:\a.txt調用形式為: 先運行cmd 執行 :sqlcmd -A -d gzzywst -o c:\a.txt注意: -A A一定要大寫,-d 後面是要進入的資料庫 -o 是檔案輸出路徑及檔案名稱。本方法為串連本機SQL2008 遠程登入的時候文法更複雜一些,需要伺服器IP 登入使用者 及密碼第二步:輸入exec sp_windbidecrypt ‘Ts_b_InsertBillDetailDraft‘,0 再輸入go 以後斷行符號執行接觸會跳行,跳行無錯誤顯示,預存程序即解密成功,可以在輸出路徑下查看了。 |
或者在sql manament studio中建立--資料庫引擎查詢:admin:192.168.1.0然後執行語句就可以了
---------------------------------------------------------------如果第二個參數使用1的話,會給出該預存程序的一些提示。 --版本4.0 修正預存程序過長解密出來是空白的問題 這個版本已經完全可以解密出sql2008下面的預存程序了**************************************************************/ SET NOCOUNT ON IF @revfl = 1 BEGIN PRINT ‘警告:該預存程序會刪除並重建原始的預存程序。‘ PRINT ‘ 在運行該預存程序之前確保你的資料庫有一個備份。‘ PRINT ‘ 該預存程序通常應該運行在產品環境的一個備份的非產品環境下。‘ PRINT ‘ 為了運行這個預存程序,將參數@refl的值更改為0。‘ RETURN 0 END DECLARE @intProcSpace bigint, @t bigint, @maxColID smallint,@procNameLength int select @maxColID = max(subobjid) FROM sys.sysobjvalues WHERE objid = object_id(@procedure) --select @maxColID as ‘Rows in sys.sysobjvalues‘ select @procNameLength = datalength(@procedure) + 29 DECLARE @real_01 nvarchar(max) DECLARE @fake_01 nvarchar(max) DECLARE @fake_encrypt_01 nvarchar(max) DECLARE @real_decrypt_01 nvarchar(max),@real_decrypt_01a nvarchar(max) declare @objtype varchar(2),@ParentName nvarchar(max) select @real_decrypt_01a = ‘‘ --提取對象的類型如是預存程序還是函數,如果是觸發器,還要得到其父物件的名稱 select @objtype=type,@parentname=object_name(parent_object_id) from sys.objects where [object_id]=object_id(@procedure) -- 從sys.sysobjvalues裡提出加密的imageval記錄 SET @real_01=(SELECT top 1 imageval FROM sys.sysobjvalues WHERE objid = object_id(@procedure) and valclass = 1 order by subobjid) --建立一個暫存資料表 create table #output ( [ident] [int] IDENTITY (1, 1) NOT NULL , [real_decrypt] NVARCHAR(MAX) ) --開始一個事務,稍後復原 BEGIN TRAN --更改原始的預存程序,用虛線替換 if @objtype=‘P‘ SET @fake_01=‘ALTER PROCEDURE ‘+ @procedure +‘ WITH ENCRYPTION AS select 1 /**//*‘+REPLICATE(cast(‘*‘as nvarchar(max)), datalength(@real_01) /2 - @procNameLength)+‘*/‘ else if @objtype=‘FN‘ SET @fake_01=‘ALTER FUNCTION ‘+ @procedure +‘() RETURNS INT WITH ENCRYPTION AS BEGIN RETURN 1 /**//*‘+REPLICATE(cast(‘*‘as nvarchar(max)), datalength(@real_01) /2 - @procNameLength)+‘*/ END‘ else if @objtype=‘V‘ SET @fake_01=‘ALTER view ‘+ @procedure +‘ WITH ENCRYPTION AS select 1 as col /**//*‘+REPLICATE(cast(‘*‘as nvarchar(max)), datalength(@real_01) /2 - @procNameLength)+‘*/‘ else if @objtype=‘TR‘ SET @fake_01=‘ALTER trigger ‘+ @procedure +‘ ON ‘[email protected]+‘WITH ENCRYPTION AFTER INSERT AS RAISERROR (‘‘N‘‘,16,10) /**//*‘+REPLICATE(cast(‘*‘as nvarchar(max)), datalength(@real_01) /2 - @procNameLength)+‘*/‘ EXECUTE (@fake_01) --從sys.sysobjvalues裡提出加密的假的 SET @fake_encrypt_01=(SELECT top 1 imageval FROM sys.sysobjvalues WHERE objid = object_id(@procedure) and valclass = 1 order by subobjid ) if @objtype=‘P‘ SET @fake_01=‘Create PROCEDURE ‘+ @procedure +‘ WITH ENCRYPTION AS select 1 /**//*‘+REPLICATE(cast(‘*‘as nvarchar(max)), datalength(@real_01) /2 - @procNameLength)+‘*/‘ else if @objtype=‘FN‘ SET @fake_01=‘CREATE FUNCTION ‘+ @procedure +‘() RETURNS INT WITH ENCRYPTION AS BEGIN RETURN 1 /**//*‘+REPLICATE(cast(‘*‘as nvarchar(max)), datalength(@real_01) /2 - @procNameLength)+‘*/ END‘ else if @objtype=‘V‘ SET @fake_01=‘Create view ‘+ @procedure +‘ WITH ENCRYPTION AS select 1 as col /**//*‘+REPLICATE(cast(‘*‘as nvarchar(max)), datalength(@real_01) /2 - @procNameLength)+‘*/‘ else if @objtype=‘TR‘ SET @fake_01=‘Create trigger ‘+ @procedure +‘ ON ‘[email protected]+‘WITH ENCRYPTION AFTER INSERT AS RAISERROR (‘‘N‘‘,16,10) /**//*‘+REPLICATE(cast(‘*‘as nvarchar(max)), datalength(@real_01) /2 - @procNameLength)+‘*/‘ --開始計數 SET @intProcSpace=1 --使用輸入鍵台臨時變數 SET @real_decrypt_01 = replicate(cast(‘A‘as nvarchar(max)), (datalength(@real_01) /2 )) --迴圈設定每一個變數,建立真正的變數 --每次一個位元組 SET @intProcSpace=1 --如有必要,遍曆每個@real_xx變數並解密 WHILE @intProcSpace<=(datalength(@real_01)/2) BEGIN --真的和假的和加密的假的進行異或處理 SET @real_decrypt_01 = stuff(@real_decrypt_01, @intProcSpace, 1, NCHAR(UNICODE(substring(@real_01, @intProcSpace, 1)) ^ (UNICODE(substring(@fake_01, @intProcSpace, 1)) ^ UNICODE(substring(@fake_encrypt_01, @intProcSpace, 1))))) SET @[email protected]+1 END --通過sp_helptext邏輯向表#output裡插入變數 insert #output (real_decrypt) select @real_decrypt_01 --select real_decrypt AS ‘#output chek‘ from #output --測試 -- ------------------------------------- --開始從sp_helptext提取 -- ------------------------------------- declare @dbname sysname ,@BlankSpaceAdded int ,@BasePos int ,@CurrentPos int ,@TextLength int ,@LineId int ,@AddOnLen int ,@LFCR int --斷行符號換行的長度 ,@DefinedLength int ,@SyscomText nvarchar(max) ,@Line nvarchar(255) Select @DefinedLength = 255 SELECT @BlankSpaceAdded = 0 --跟蹤行結束的空格。注意Len函數忽略了多餘的空格 CREATE TABLE #CommentText (LineId int ,Text nvarchar(255) collate database_default) --使用#output代替sys.sysobjvalues DECLARE ms_crs_syscom CURSOR LOCAL FOR SELECT real_decrypt from #output ORDER BY ident FOR READ ONLY --擷取文本 SELECT @LFCR = 2 SELECT @LineId = 1 OPEN ms_crs_syscom FETCH NEXT FROM ms_crs_syscom into @SyscomText WHILE @@fetch_status >= 0 BEGIN SELECT @BasePos = 1 SELECT @CurrentPos = 1 SELECT @TextLength = LEN(@SyscomText) WHILE @CurrentPos != 0 BEGIN --通過斷行符號尋找行的結束 SELECT @CurrentPos = CHARINDEX(char(13)+char(10), @SyscomText, @BasePos) --如果找到斷行符號 IF @CurrentPos != 0 BEGIN --如果@Lines的長度的新值比設定的大就插入@Lines目前的內容並繼續 While (isnull(LEN(@Line),0) + @BlankSpaceAdded + @[email protected] + @LFCR) > @DefinedLength BEGIN SELECT @AddOnLen = @DefinedLength-(isnull(LEN(@Line),0) + @BlankSpaceAdded) INSERT #CommentText VALUES ( @LineId, isnull(@Line, N‘‘) + isnull(SUBSTRING(@SyscomText, @BasePos, @AddOnLen), N‘‘)) SELECT @Line = NULL, @LineId = @LineId + 1, @BasePos = @BasePos + @AddOnLen, @BlankSpaceAdded = 0 END SELECT @Line = isnull(@Line, N‘‘) + isnull(SUBSTRING(@SyscomText, @BasePos, @[email protected] + @LFCR), N‘‘) SELECT @BasePos = @CurrentPos+2 INSERT #CommentText VALUES( @LineId, @Line ) SELECT @LineId = @LineId + 1 SELECT @Line = NULL END ELSE --如果斷行符號沒找到 BEGIN IF @BasePos <= @TextLength BEGIN --如果@Lines長度的新值大於定義的長度 While (isnull(LEN(@Line),0) + @BlankSpaceAdded + @[email protected]+1 ) > @DefinedLength BEGIN SELECT @AddOnLen = @DefinedLength - (isnull(LEN(@Line),0) + @BlankSpaceAdded) INSERT #CommentText VALUES ( @LineId, isnull(@Line, N‘‘) + isnull(SUBSTRING(@SyscomText, @BasePos, @AddOnLen), N‘‘)) SELECT @Line = NULL, @LineId = @LineId + 1, @BasePos = @BasePos + @AddOnLen, @BlankSpaceAdded = 0 END SELECT @Line = isnull(@Line, N‘‘) + isnull(SUBSTRING(@SyscomText, @BasePos, @[email protected]+1 ), N‘‘) if LEN(@Line) < @DefinedLength and charindex(‘ ‘, @SyscomText, @TextLength+1 ) > 0 BEGIN SELECT @Line = @Line + ‘ ‘, @BlankSpaceAdded = 1 END END END END FETCH NEXT FROM ms_crs_syscom into @SyscomText END IF @Line is NOT NULL INSERT #CommentText VALUES( @LineId, @Line ) select Text from #CommentText order by LineId CLOSE ms_crs_syscom DEALLOCATE ms_crs_syscom DROP TABLE #CommentText -- ------------------------------------- --結束從sp_helptext提取 -- ------------------------------------- --刪除用虛線建立的預存程序並重建原始的預存程序 ROLLBACK TRAN DROP TABLE #output go
【轉】sql2008破解加密預存程序 (親測可用)
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
