SQL里面sa未能找到sp_password的处理办法
已被浏览 984

SQL里面sa未能找到sp_password的处理办法

分享到:
    当SQL2000数据库里面的sa被账号被植入病毒后的处理办法,请到数据库里面的查询分析器里面录入如下语句接着执行如下语句:

    SET QUOTED_IDENTIFIER ON 
    GO
    SET ANSI_NULLS OFF 
    GO
    create procedure sp_password
        @old sysname = NULL,        -- the old (current) password
        @new sysname,               -- the new password
        @loginame sysname = NULL    -- user to change password on
    as
        -- SETUP RUNTIME OPTIONS / DECLARE VARIABLES --
     set nocount on
        declare @self int
        select @self = CASE WHEN @loginame is null THEN 1 ELSE 2 END
        -- RESOLVE LOGIN NAME
        if @loginame is null
            select @loginame = suser_sname()
        -- CHECK PERMISSIONS (SecurityAdmin per Richard Waymire) --
     IF (not is_srvrolemember('securityadmin') = 1)
            AND not @self = 1
     begin
        dbcc auditevent (107, @self, 0, @loginame, NULL, NULL, NULL)
        raiserror(15210,-1,-1)
        return (1)
     end
     ELSE
     begin
        dbcc auditevent (107, @self, 1, @loginame, NULL, NULL, NULL)
     end
        -- DISALLOW USER TRANSACTION --
     set implicit_transactions off
     IF (@@trancount > 0)
     begin
      raiserror(15002,-1,-1,'sp_password')
      return (1)
     end
        -- RESOLVE LOGIN NAME (disallows nt names)
        if not exists (select * from master.dbo.syslogins where
                        loginname = @loginame and isntname = 0)
     begin
      raiserror(15007,-1,-1,@loginame)
      return (1)
     end
     -- IF non-SYSADMIN ATTEMPTING CHANGE TO SYSADMIN, REQUIRE PASSWORD (218078) --
     if (@self <> 1 AND is_srvrolemember('sysadmin') = 0 AND exists
       (SELECT * FROM master.dbo.syslogins WHERE loginname = @loginame and isntname = 0
        AND sysadmin = 1) )
      SELECT @self = 1
        -- CHECK OLD PASSWORD IF NEEDED --
        if (@self = 1 or @old is not null)
            if not exists (select * from master.dbo.sysxlogins
                            where srvid IS NULL and
                name = @loginame and
                         ( (@old is null and password is null) or
                                  (pwdcompare(@old, password, (CASE WHEN xstatus&2048 = 2048 THEN 1 ELSE 0 END)) = 1) )   )
            begin
          raiserror(15211,-1,-1)
          return (1)
         end
        -- CHANGE THE PASSWORD --
        update master.dbo.sysxlogins
     set password = convert(varbinary(256), pwdencrypt(@new)), xdate2 = getdate(), xstatus = xstatus & (~2048)
     where name = @loginame and srvid IS NULL
     -- UPDATE PROTECTION TIMESTAMP FOR MASTER DB, TO INDICATE SYSLOGINS CHANGE --
     exec('use master grant all to null')
        -- FINALIZATION: RETURN SUCCESS/FAILURE --
     if @@error <> 0
            return (1)
        raiserror(15478,-1,-1)
     return  (0) -- sp_password
    GO
    SET QUOTED_IDENTIFIER OFF 
    GO
    SET ANSI_NULLS ON 
    GO

     
QQ在线咨询
售前咨询热线
13866731047
售后咨询热线
18905607355