讲解SQL Server危险扩展存储删除和恢复

将有安全问题的SQL过程删除.比较全面.一切为了安全!

删除了调用shell，注册表，COM组件的破坏权限

MS SQL SERVER2000

使用系统帐户登陆查询分析器

运行以下脚本:

use master

exec sp_dropextendedproc "xp_cmdshell"

exec sp_dropextendedproc "xp_enumgroups"

exec sp_dropextendedproc "xp_loginconfig"

exec sp_dropextendedproc "xp_enumerrorlogs"

exec sp_dropextendedproc "xp_getfiledetails"

exec sp_dropextendedproc "Sp_OACreate"

exec sp_dropextendedproc "Sp_OADestroy"

exec sp_dropextendedproc "Sp_OAGetErrorInfo"

exec sp_dropextendedproc "Sp_OAGetProperty"

exec sp_dropextendedproc "Sp_OAMethod"

exec sp_dropextendedproc "Sp_OASetProperty"

exec sp_dropextendedproc "Sp_OAStop"

exec sp_dropextendedproc "xp_regaddmultistring"

exec sp_dropextendedproc "xp_regdeletekey"

exec sp_dropextendedproc "xp_regdeletevalue"

exec sp_dropextendedproc "xp_regenumvalues"

exec sp_dropextendedproc "xp_regremovemultistring"

exec sp_dropextendedproc "xp_regwrite"

drop procedure sp_makewebtask

go

删除所有危险的扩展:

exec sp_dropextendedproc "xp_cmdshell" [删除此项扩展后,将无法远程连接数据库]

以下3个存储过程会在SQL SERVER恢复备份时被使用,非必要请勿删除

#exec sp_dropextendedproc "xp_dirtree" [删除此项扩展后,将无法新建或附加数据库]

#exec sp_dropextendedproc "Xp_regread" [删除此项扩展后, 还原数据库辅助]

#exec sp_dropextendedproc "xp_fixeddrives" [删除此项扩展后,将无法还原数据库]

恢复脚本

use master

EXEC sp_addextendedproc xp_cmdshell ,@dllname ="xplog70.dll"

EXEC sp_addextendedproc xp_enumgroups ,@dllname ="xplog70.dll"

EXEC sp_addextendedproc xp_loginconfig ,@dllname ="xplog70.dll"

EXEC sp_addextendedproc xp_enumerrorlogs ,@dllname ="xpstar.dll"

EXEC sp_addextendedproc xp_getfiledetails ,@dllname ="xpstar.dll"

EXEC sp_addextendedproc Sp_OACreate ,@dllname ="odsole70.dll"

EXEC sp_addextendedproc Sp_OADestroy ,@dllname ="odsole70.dll"

EXEC sp_addextendedproc Sp_OAGetErrorInfo ,@dllname ="odsole70.dll"

EXEC sp_addextendedproc Sp_OAGetProperty ,@dllname ="odsole70.dll"

EXEC sp_addextendedproc Sp_OAMethod ,@dllname ="odsole70.dll"

EXEC sp_addextendedproc Sp_OASetProperty ,@dllname ="odsole70.dll"

EXEC sp_addextendedproc Sp_OAStop ,@dllname ="odsole70.dll"

EXEC sp_addextendedproc xp_regaddmultistring ,@dllname ="xpstar.dll"

EXEC sp_addextendedproc xp_regdeletekey ,@dllname ="xpstar.dll"

EXEC sp_addextendedproc xp_regdeletevalue ,@dllname ="xpstar.dll"

EXEC sp_addextendedproc xp_regenumvalues ,@dllname ="xpstar.dll"

EXEC sp_addextendedproc xp_regremovemultistring ,@dllname ="xpstar.dll"

EXEC sp_addextendedproc xp_regwrite ,@dllname ="xpstar.dll"

EXEC sp_addextendedproc xp_dirtree ,@dllname ="xpstar.dll"

EXEC sp_addextendedproc xp_regread ,@dllname ="xpstar.dll"

EXEC sp_addextendedproc xp_fixeddrives ,@dllname ="xpstar.dll"

go

全部复制到"SQL查询分析器"

点击菜单上的--"查询"--"执行"，就会将有安全问题的SQL过程删除