Mahmoud ElMansy: knowledge meant to be free

Clean Up Your Database From Malware

If your site was hacked and all you database data has been changed to hold MalWare script.

I have made a simple script to clean you data from this text.

declare @col sysname
declare @tbl sysname
declare @sql nvarchar(256)

declare crsFix cursor for
select table_name, Column_name from information_schema.columns inner join sys.tables on
where (data_type = 'nvarchar' or data_type='varchar')
open crsFix
fetch next from crsFix into @tbl, @col
while(@@Fetch_Status = 0)
set @sql = 'Update [' + @tbl + '] set [' + @col + '] = replace('+@col+',''">Hack text