Mahmoud ElMansy: knowledge meant to be free

Clean Up Your Database From Malware

If your site was hacked and all you database data has been changed to hold MalWare script.

I have made a simple script to clean you data from this text.


declare @col sysname
declare @tbl sysname
declare @sql nvarchar(256)

declare crsFix cursor for
select table_name, Column_name from information_schema.columns inner join sys.tables on sys.tables.name=information_schema.columns.TABLE_NAME
where (data_type = 'nvarchar' or data_type='varchar')
open crsFix
fetch next from crsFix into @tbl, @col
while(@@Fetch_Status = 0)
Begin
set @sql = 'Update [' + @tbl + '] set [' + @col + '] = replace('+@col+',''">Hack text