asp实现的查询某关键词在MSSQL数据库位置的代码

时间:2022-09-18 16:58:38

功能是:以一个关键字为索引,搜索整个数据库,然后返回那个关键字所在的表名和列名。(很赞...特别是入侵的时候找不到用户名与密码所在的表的时候,如果能直接通过输入admin这个关键词找出字段...省得一个表一个表的看了。)于是根据那段语句,写了个asp的脚本,方便大家以后搜寻数据库。 

代码如下: 

复制代码代码如下:


<% 
'Confirm a keyword's position of a database(which table & which column) 
'By oldjun(http://www.oldjun.com) 
'Based on huangzi(http://www.2chuizi.com)'s sql 
Server.ScriptTimeout=999999999 
Response.Buffer =true 
On Error Resume Next 
keyword=request("keyword") 
if keyword="" then 
response.write "Need keyword!" 
response.End 
End if 
dim conn 
Set conn = Server.CreateObject("ADODB.Connection") 
Dim ConnStr 
'ConnectionString,Pls change! 
ConnStr="Driver={SQL SERVER};Server=localhost;UID=sa;PWD=sa;Database=master" 
Conn.open ConnStr 
conn.execute("CREATE TABLE huangzi_table(id int identity(1,1),biaoid int,biaoname nvarchar(1000))") 
conn.execute("insert huangzi_table select [id],[name] from sysobjects where xtype='U'") 
set rs =conn.execute("select count(id) as tnum from huangzi_table") 
tnum=rs("tnum") 
rs.close 
set rs=nothing 
for i=1 to tnum 
set rsbiao =conn.execute("select biaoid from huangzi_table where id="&i&"") 
biaoid=rsbiao("biaoid") 
set rst =conn.execute("select [biaoname] from huangzi_table where biaoid="&biaoid&"") 
tname=rst("biaoname") 
set rsl=conn.execute("select count([name]) as lnum from syscolumns where id="&biaoid&"") 
lnum=rsl("lnum") 
for j=1 to lnum 
topnum=j-1 
set rslie=conn.execute("select top 1 [name] from syscolumns where id="&biaoid&" and [name] not in 
(select top "&topnum&" [name] from syscolumns where id="&biaoid&")") 
liename=rslie("name") 
set rsresult=conn.execute("select top 1 ["&liename&"] from ["&tname&"] where CAST(["&liename&"] AS NVARCHAR(1000))='"&keyword&"'") 
if rsresult.bof or rsresult.eof then 
'response.write "Nothing-"&tname&":"&liename 
'response.write "<br>" 
else 
result=rsresult(liename) 
response.write result&"("&tname&":"&liename&")" 
response.write "<br>" 
End if 
rslie.close 
set rslie=nothing 
rsresult.close 
set rsresult=nothing 
next 
rsbiao.close 
set rsbiao=nothing 
rst.close 
set rst=nothing 
rsl.close 
set rsl=nothing 
next 
conn.execute("DROP TABLE huangzi_table") 
%> 


注:效率很差,使用时可能出现假死, 请耐心等待,大库还是别用了;代码简单,实现的简单功能,没技术含量,留着以后备用;换连接语句的时候有个缓存问题,建议重启下浏览器!