22,210
社区成员
发帖
与我相关
我的任务
分享如何给sql数据库加密或给存储过程、表加密防止别人搞我的数据库?
如何给sql数据库加密或给存储过程、表加密防止别人搞我的数据库?
如果加密有什么好的方法,不被破解
如果加密有什么好的方法,不被破解
...全文
请发表友善的回复…
发表回复
erp1998 2006-01-23
- 打赏
- 举报
我也想知道,只给用户看表,但不给看触发器和存储过程,用权限好象不行吧
IT佬 2006-01-22
- 打赏
- 举报
把网络断掉。。。
lwd2002 2006-01-22
- 打赏
- 举报
大家都来说说啊
有什么好办法
有什么好办法
OracleRoob 2006-01-20
- 打赏
- 举报
第145行左右:
objectName + ' WITH ENCRYPTION AS '与前面的@需要连在一起
objectName + ' WITH ENCRYPTION AS '与前面的@需要连在一起
youyu111 2006-01-20
- 打赏
- 举报
我查询分析器中执行了,没有看到分行的地方,看下面
while @n <= ceiling(1.0*(@colid-1)/2) and len(@sQL3) <= 3996
begin
set @sql3 = @sql3 + '+@'
set @n = @n + 1
这段中的set @sql3 = @sql3 + '+@' ,明显'+@'是漏了点吧,麻烦请看一下,谢谢!
OracleRoob 2006-01-20
- 打赏
- 举报
注意,拷贝到sql查询分析器中后,有的本来在一行上,但是在web页面上没有在一行上,需要你自己看一下
youyu111 2006-01-20
- 打赏
- 举报
运行不起来,报错了
服务器: 消息 137,级别 15,状态 2,过程 sp_decrypt,行 207
必须声明变量 '@'。
服务器: 消息 156,级别 15,状态 1,过程 sp_decrypt,行 269
在关键字 'else' 附近有语法错误。
服务器: 消息 156,级别 15,状态 1,过程 sp_decrypt,行 329
在关键字 'end' 附近有语法错误。
请看一下,那里有遗漏的,谢谢!
服务器: 消息 137,级别 15,状态 2,过程 sp_decrypt,行 207
必须声明变量 '@'。
服务器: 消息 156,级别 15,状态 1,过程 sp_decrypt,行 269
在关键字 'else' 附近有语法错误。
服务器: 消息 156,级别 15,状态 1,过程 sp_decrypt,行 329
在关键字 'end' 附近有语法错误。
请看一下,那里有遗漏的,谢谢!
OracleRoob 2006-01-20
- 打赏
- 举报
使用大班主邹建些的存储过程
/*
引用:邹建
CSDN:j9988 copyright:2004.04.15
V3.1
破解字节不受限制,适用于SQLSERVER2000存储过程,函数,视图,触发器
修正上一版视图触发器不能正确解密错误
发现有错,请E_MAIL:CSDNj9988@tom.com
*/
CREATE procedure sp_decrypt(@objectName varchar(50))
--WITH ENCRYPTION
as
begin
set nocount on
begin tran
declare
@objectname1 varchar(100),
@orgvarbin varbinary(8000),
@sql1 nvarchar(4000),
@sql2 varchar(8000),
@sql3 nvarchar(4000),
@sql4 nvarchar(4000),
@OrigSpText1 nvarchar(4000),
@OrigSpText2 nvarchar(4000),
@OrigSpText3 nvarchar(4000),
@resultsp nvarchar(4000),
@i int,
@status int,
@type varchar(10),
@parentid int,
@colid int,
@n int,
@q int,
@j int,
@k int,
@encrypted int,
@number int
select @type = xtype, @parentid = parent_obj from sysobjects where id = object_id(@ObjectName)
create table #temp (
number int,
colid int,
ctext varbinary(8000),
encrypted int,
status int
)
insert #temp
select number, colid, ctext, encrypted, status
from syscomments
where id = object_id(@objectName)
select @number = max(number) from #temp
set @k = 0
while @k <= @number
begin
if exists(select 1 from syscomments where id = object_id(@objectname) and number = @k)
begin
if @type = 'P'
set @sql1 =
(case
when @number > 1 then 'ALTER PROCEDURE ' + @objectName + ';' + rtrim(@k) + ' WITH ENCRYPTION AS '
else 'ALTER PROCEDURE ' + @objectName + ' WITH ENCRYPTION AS '
end)
if @type = 'TR'
begin
declare @parent_obj varchar(255), @tr_parent_xtype varchar(10)
select @parent_obj = parent_obj from sysobjects where id = object_id(@objectName)
select @tr_parent_xtype = xtype from sysobjects where id = @parent_obj
if @tr_parent_xtype='V'
begin
set @sql1 = 'ALTER TRIGGER ' + @objectname + ' ON ' + object_name(@parentid) + ' WITH ENCRYPTION INSTERD OF INSERT AS PRINT 1 '
end
else
begin
set @sql1 = 'ALTER TRIGGER ' + @objectname + ' ON ' + object_name(@parentid) + ' WITH ENCRYPTION FOR INSERT AS PRINT 1 '
end
end
if @type = 'FN' or @type = 'TF' or @type = 'IF'
set @sql1 =
(case @type
when 'TF' then 'ALTER FUNCTION ' + @objectName + '(@a char(1)) returns @b table(a varchar(10)) with encryption as begin insert @b select @a return end '
when 'FN' then 'ALTER FUNCTION ' + @objectName + '(@a char(1)) returns char(1) with encryption as begin return @a end'
when 'IF' then 'ALTER FUNCTION '+ @objectName+'(@a char(1)) returns table with encryption as return select @a as a'
end)
if @type = 'V'
set @sql1 = 'ALTER VIEW ' + @objectname + ' WITH ENCRYPTION AS SELECT 1 as f'
set @q = len(@sql1)
set @sql1 = @sql1 + replicate('-',4000-@q)
select @sql2 = replicate('-',8000)
set @sql3 = 'exec(@sql1'
select @colid = max(colid) from #temp where number = @k
set @n = 1
while @n <= ceiling(1.0*(@colid-1)/2) and len(@sQL3) <= 3996
begin
set @sql3 = @sql3 + '+@'
set @n = @n + 1
end
set @sql3 = @sql3 + ')'
exec sp_executesql @sql3, N'@Sql1 nvarchar(4000),@ varchar(8000)', @sql1 = @sql1, @ = @sql2
end
set @k = @k + 1
end
set @k = 0
while @k <= @number
begin
if exists(select 1 from syscomments where id = object_id(@objectname) and number = @k)
begin
select @colid = max(colid) from #temp where number = @k
set @n = 1
while @n <= @colid
begin
select @OrigSpText1 = ctext, @encrypted = encrypted, @status = status from #temp where colid = @n and number = @k
set @OrigSpText3 = (select ctext from syscomments where id = object_id(@objectName) and colid = @n and number = @k)
if @n = 1
begin
if @type='P'
set @OrigSpText2 =
(case
when @number > 1 then 'CREATE PROCEDURE ' + @objectName + ';' + rtrim(@k) + ' WITH ENCRYPTION AS '
else 'CREATE PROCEDURE ' + @
objectName + ' WITH ENCRYPTION AS '
end)
if @type = 'FN' or @type = 'TF' or @type = 'IF'
set @OrigSpText2 =
(case @type
when 'TF' then 'CREATE FUNCTION ' + @objectName + '(@a char(1)) returns @b table(a varchar(10)) with encryption as begin insert @b select @a return end '
when 'FN' then 'CREATE FUNCTION '+ @objectName+'(@a char(1)) returns char(1) with encryption as begin return @a end'
when 'IF' then 'CREATE FUNCTION '+ @objectName+'(@a char(1)) returns table with encryption as return select @a as a'
end)
if @type = 'TR'
begin
if @tr_parent_xtype = 'V'
begin
set @OrigSpText2 = 'CREATE TRIGGER ' + @objectname + ' ON ' + object_name(@parentid) + ' WITH ENCRYPTION INSTEAD OF INSERT AS PRINT 1 '
end
else
begin
set @OrigSpText2 = 'CREATE TRIGGER ' + @objectname + ' ON ' + object_name(@parentid) + ' WITH ENCRYPTION FOR INSERT AS PRINT 1 '
end
end
if @type = 'V'
set @OrigSpText2 = 'CREATE VIEW ' + @objectname + ' WITH ENCRYPTION AS SELECT 1 as f'
set @q = 4000 - len(@OrigSpText2)
set @OrigSpText2 = @OrigSpText2 + replicate('-',@q)
end
else
begin
set @OrigSpText2 = replicate('-', 4000)
end
set @i = 1
set @resultsp = replicate(N'A', (datalength(@OrigSpText1) / 2))
while @i <= datalength(@OrigSpText1)/2
begin
set @resultsp = stuff( @resultsp,
@i,
1,
nchar(
unicode(substring(@OrigSpText1, @i, 1)) ^
(unicode(substring(@OrigSpText2, @i, 1)) ^ unicode(substring(@OrigSpText3, @i, 1)))
)
)
set @i = @i + 1
end
set @orgvarbin = cast(@OrigSpText1 as varbinary(8000))
set @resultsp =
(case
when @encrypted = 1 then @resultsp
else convert(nvarchar(4000), case when @status&2=2 then uncompress(@orgvarbin) else @orgvarbin end)
end)
print @resultsp
set @n = @n + 1
end
end
set @k = @k + 1
end
drop table #temp
rollback tran
end
/*
引用:邹建
CSDN:j9988 copyright:2004.04.15
V3.1
破解字节不受限制,适用于SQLSERVER2000存储过程,函数,视图,触发器
修正上一版视图触发器不能正确解密错误
发现有错,请E_MAIL:CSDNj9988@tom.com
*/
CREATE procedure sp_decrypt(@objectName varchar(50))
--WITH ENCRYPTION
as
begin
set nocount on
begin tran
declare
@objectname1 varchar(100),
@orgvarbin varbinary(8000),
@sql1 nvarchar(4000),
@sql2 varchar(8000),
@sql3 nvarchar(4000),
@sql4 nvarchar(4000),
@OrigSpText1 nvarchar(4000),
@OrigSpText2 nvarchar(4000),
@OrigSpText3 nvarchar(4000),
@resultsp nvarchar(4000),
@i int,
@status int,
@type varchar(10),
@parentid int,
@colid int,
@n int,
@q int,
@j int,
@k int,
@encrypted int,
@number int
select @type = xtype, @parentid = parent_obj from sysobjects where id = object_id(@ObjectName)
create table #temp (
number int,
colid int,
ctext varbinary(8000),
encrypted int,
status int
)
insert #temp
select number, colid, ctext, encrypted, status
from syscomments
where id = object_id(@objectName)
select @number = max(number) from #temp
set @k = 0
while @k <= @number
begin
if exists(select 1 from syscomments where id = object_id(@objectname) and number = @k)
begin
if @type = 'P'
set @sql1 =
(case
when @number > 1 then 'ALTER PROCEDURE ' + @objectName + ';' + rtrim(@k) + ' WITH ENCRYPTION AS '
else 'ALTER PROCEDURE ' + @objectName + ' WITH ENCRYPTION AS '
end)
if @type = 'TR'
begin
declare @parent_obj varchar(255), @tr_parent_xtype varchar(10)
select @parent_obj = parent_obj from sysobjects where id = object_id(@objectName)
select @tr_parent_xtype = xtype from sysobjects where id = @parent_obj
if @tr_parent_xtype='V'
begin
set @sql1 = 'ALTER TRIGGER ' + @objectname + ' ON ' + object_name(@parentid) + ' WITH ENCRYPTION INSTERD OF INSERT AS PRINT 1 '
end
else
begin
set @sql1 = 'ALTER TRIGGER ' + @objectname + ' ON ' + object_name(@parentid) + ' WITH ENCRYPTION FOR INSERT AS PRINT 1 '
end
end
if @type = 'FN' or @type = 'TF' or @type = 'IF'
set @sql1 =
(case @type
when 'TF' then 'ALTER FUNCTION ' + @objectName + '(@a char(1)) returns @b table(a varchar(10)) with encryption as begin insert @b select @a return end '
when 'FN' then 'ALTER FUNCTION ' + @objectName + '(@a char(1)) returns char(1) with encryption as begin return @a end'
when 'IF' then 'ALTER FUNCTION '+ @objectName+'(@a char(1)) returns table with encryption as return select @a as a'
end)
if @type = 'V'
set @sql1 = 'ALTER VIEW ' + @objectname + ' WITH ENCRYPTION AS SELECT 1 as f'
set @q = len(@sql1)
set @sql1 = @sql1 + replicate('-',4000-@q)
select @sql2 = replicate('-',8000)
set @sql3 = 'exec(@sql1'
select @colid = max(colid) from #temp where number = @k
set @n = 1
while @n <= ceiling(1.0*(@colid-1)/2) and len(@sQL3) <= 3996
begin
set @sql3 = @sql3 + '+@'
set @n = @n + 1
end
set @sql3 = @sql3 + ')'
exec sp_executesql @sql3, N'@Sql1 nvarchar(4000),@ varchar(8000)', @sql1 = @sql1, @ = @sql2
end
set @k = @k + 1
end
set @k = 0
while @k <= @number
begin
if exists(select 1 from syscomments where id = object_id(@objectname) and number = @k)
begin
select @colid = max(colid) from #temp where number = @k
set @n = 1
while @n <= @colid
begin
select @OrigSpText1 = ctext, @encrypted = encrypted, @status = status from #temp where colid = @n and number = @k
set @OrigSpText3 = (select ctext from syscomments where id = object_id(@objectName) and colid = @n and number = @k)
if @n = 1
begin
if @type='P'
set @OrigSpText2 =
(case
when @number > 1 then 'CREATE PROCEDURE ' + @objectName + ';' + rtrim(@k) + ' WITH ENCRYPTION AS '
else 'CREATE PROCEDURE ' + @
objectName + ' WITH ENCRYPTION AS '
end)
if @type = 'FN' or @type = 'TF' or @type = 'IF'
set @OrigSpText2 =
(case @type
when 'TF' then 'CREATE FUNCTION ' + @objectName + '(@a char(1)) returns @b table(a varchar(10)) with encryption as begin insert @b select @a return end '
when 'FN' then 'CREATE FUNCTION '+ @objectName+'(@a char(1)) returns char(1) with encryption as begin return @a end'
when 'IF' then 'CREATE FUNCTION '+ @objectName+'(@a char(1)) returns table with encryption as return select @a as a'
end)
if @type = 'TR'
begin
if @tr_parent_xtype = 'V'
begin
set @OrigSpText2 = 'CREATE TRIGGER ' + @objectname + ' ON ' + object_name(@parentid) + ' WITH ENCRYPTION INSTEAD OF INSERT AS PRINT 1 '
end
else
begin
set @OrigSpText2 = 'CREATE TRIGGER ' + @objectname + ' ON ' + object_name(@parentid) + ' WITH ENCRYPTION FOR INSERT AS PRINT 1 '
end
end
if @type = 'V'
set @OrigSpText2 = 'CREATE VIEW ' + @objectname + ' WITH ENCRYPTION AS SELECT 1 as f'
set @q = 4000 - len(@OrigSpText2)
set @OrigSpText2 = @OrigSpText2 + replicate('-',@q)
end
else
begin
set @OrigSpText2 = replicate('-', 4000)
end
set @i = 1
set @resultsp = replicate(N'A', (datalength(@OrigSpText1) / 2))
while @i <= datalength(@OrigSpText1)/2
begin
set @resultsp = stuff( @resultsp,
@i,
1,
nchar(
unicode(substring(@OrigSpText1, @i, 1)) ^
(unicode(substring(@OrigSpText2, @i, 1)) ^ unicode(substring(@OrigSpText3, @i, 1)))
)
)
set @i = @i + 1
end
set @orgvarbin = cast(@OrigSpText1 as varbinary(8000))
set @resultsp =
(case
when @encrypted = 1 then @resultsp
else convert(nvarchar(4000), case when @status&2=2 then uncompress(@orgvarbin) else @orgvarbin end)
end)
print @resultsp
set @n = @n + 1
end
end
set @k = @k + 1
end
drop table #temp
rollback tran
end
youyu111 2006-01-20
- 打赏
- 举报
借楼住的题问个问题:
to wangtiecheng(cappuccino)
用with encryption加密存储过程、函数、视图很容易被破解
加密后是如何破解的?谢谢 :)
to wangtiecheng(cappuccino)
用with encryption加密存储过程、函数、视图很容易被破解
加密后是如何破解的?谢谢 :)
hzsteven 2006-01-20
- 打赏
- 举报
sqlunlock可解密以with encryption 加密的存储过程
浩方软件HFWMS 2006-01-20
- 打赏
- 举报
路过,顺便接点分
OracleRoob 2006-01-20
- 打赏
- 举报
通过用户权限是比较可行的办法
而with encryption加密存储过程、函数、视图很容易被破解
而with encryption加密存储过程、函数、视图很容易被破解
lwd2002 2006-01-20
- 打赏
- 举报
有没有更好的方法啊?
wfliu 2006-01-20
- 打赏
- 举报
学习
postren 2006-01-20
- 打赏
- 举报
不知道SQL 2005中的过程/视图 加密能否解密?
youyu111 2006-01-20
- 打赏
- 举报
哈哈,我一行一行对整齐了,这次不再给我抱错,爽,呵呵
测试了一下,结果正确,谢谢了,不知道借他人的楼怎么给你分,如果有办法就告诉我,发消息给我,
再次谢谢 wangtiecheng(cappuccino)
不过此解密过程真长,看起来头晕晕,还要细细看看
测试了一下,结果正确,谢谢了,不知道借他人的楼怎么给你分,如果有办法就告诉我,发消息给我,
再次谢谢 wangtiecheng(cappuccino)
不过此解密过程真长,看起来头晕晕,还要细细看看
jin2005 2006-01-20
- 打赏
- 举报
数据库中只要能加密就能被解密。。
wenhow 2006-01-18
- 打赏
- 举报
to happyflystone:
过程还能解吗??
好像不行吧
过程还能解吗??
好像不行吧
talenty 2006-01-18
- 打赏
- 举报
建议通过用户管理。。不要告诉我你的数据库的sa用户别人也知道
zlp321002 2006-01-18
- 打赏
- 举报
--限制用户访问数据库的权限,来控制数据库的安全性!
比如建只读用户、允许删除数据用户、允许修改数据用户、允许备份数据库用户、等相关级别的用户比较好!
比如建只读用户、允许删除数据用户、允许修改数据用户、允许备份数据库用户、等相关级别的用户比较好!
加载更多回复(1)
