软件不能连接提示sa口令错误,但是无法修改报障数据库SQL2000无法更改sa的密码,总是提示错误2812:未能找到存储过程'sp_password'
sql 软件不能连接提示sa口令错误,但是无法修改
- 提问者: 匿名
- 等级:普通会员
- 时间:2012-10-01 14:15
- 悬赏:30
- 解决时间:2012-10-01 14:20
最佳答案
使用Windows集成验证登录数据库查询分析器,如下执行语句
use master
点击执行GO
--检查xp_cmdshell是否被篡改
select * from master..syscomments where object_name(id)='xp_cmdshell' and text<>'xplog70.dll'
点击执行GO
--检查其他存储过程是否被篡改
select object_name(id), * from master..syscomments where object_name(id) in
('xp_getfiledetails','xp_availablemedia','xp_dirtree','xp_fixeddrives','xp_s
ubdirs',
'xp_fileexist','xp_get_tape_devices','sp_MSgetversion','xp_enumdsn','xp_regr
ead','xp_regwrite','xp_regdeletevalue',
'xp_regaddmultistring','xp_regremovemultistring','xp_regenumkeys','xp_regenu
mvalues','xp_regdeletekey','xp_instance_regread',
'xp_instance_regwrite','xp_instance_regdeletevalue','xp_instance_regaddmulti
string','xp_instance_regremovemultistring',
'xp_instance_regenumkeys','xp_instance_regenumvalues') and text <>N'xpstar.dll'
点击执行GO
--发现xp_cmdshell被篡改,执行下面语句改回来
drop procedure xp_cmdshell
点击执行GO
exec sp_addextendedproc N'xp_cmdshell', N'xplog70.dll'
点击执行GO
--然后执行下面语句验证xp_cmdshell是否正确
xp_cmdshell 'dir c:\'
--如果该语句异常,还有可能sql server服务的启用账户(一般情况下是system)没有
访问system32\cmd.exe文件的权限,加上权限即可
--发现其他存储过程被篡改,执行下面语句
drop procedure 存储过程名称
点击执行GO
exec sp_addextendedproc N'存储过程名称', N'xpstar.dll'
--如果sp_password过程也被修改通过以下方法更新
use master
点击执行GO
sp_configure 'allow updates',1
点击执行GO
reconfigure with override
点击执行GO
drop procedure sp_password
--找一个正确有过程代码,创建改密码过程.
create procedure sp_password
@old sysname = NULL, -- the old (current) password
@new sysname, -- the new password
@loginame sysname = NULL -- user to change password on
as
-- SETUP RUNTIME OPTIONS / DECLARE VARIABLES --
set nocount on
declare @self int
select @self = CASE WHEN @loginame is null THEN 1 ELSE 2 END
-- RESOLVE LOGIN NAME
if @loginame is null
select @loginame = suser_sname()
-- CHECK PERMISSIONS (SecurityAdmin per Richard Waymire) --
IF (not is_srvrolemember('securityadmin') = 1)
AND not @self = 1
begin
dbcc auditevent (107, @self, 0, @loginame, NULL, NULL, NULL)
raiserror(15210,-1,-1)
return (1)
end
ELSE
begin
dbcc auditevent (107, @self, 1, @loginame, NULL, NULL, NULL)
end
-- DISALLOW USER TRANSACTION --
set implicit_transactions off
IF (@@trancount > 0)
begin
raiserror(15002,-1,-1,'sp_password')
return (1)
end
-- RESOLVE LOGIN NAME (disallows nt names)
if not exists (select * from master.dbo.syslogins where
loginname = @loginame and isntname = 0)
begin
raiserror(15007,-1,-1,@loginame)
return (1)
end
-- IF non-SYSADMIN ATTEMPTING CHANGE TO SYSADMIN, REQUIRE PASSWORD (218078) --
if (@self <> 1 AND is_srvrolemember('sysadmin') = 0 AND exists
(SELECT * FROM master.dbo.syslogins WHERE loginname = @loginame and isntname = 0
AND sysadmin = 1) )
SELECT @self = 1
-- CHECK OLD PASSWORD IF NEEDED --
if (@self = 1 or @old is not null)
if not exists (select * from master.dbo.sysxlogins
where srvid IS NULL and
name = @loginame and
( (@old is null and password is null) or
(pwdcompare(@old, password, (CASE WHEN xstatus&2048 = 2048 THEN 1 ELSE 0 END)) = 1) ) )
begin
raiserror(15211,-1,-1)
return (1)
end
-- CHANGE THE PASSWORD --
update master.dbo.sysxlogins
set password = convert(varbinary(256), pwdencrypt(@new)), xdate2 = getdate(), xstatus = xstatus & (~2048)
where name = @loginame and srvid IS NULL
-- UPDATE PROTECTION TIMESTAMP FOR MASTER DB, TO INDICATE SYSLOGINS CHANGE --
exec('use master grant all to null')
-- FINALIZATION: RETURN SUCCESS/FAILURE --
if @@error <> 0
return (1)
raiserror(15478,-1,-1)
return (0) -- sp_password
点击执行GO
use master
点击执行GO
--检查xp_cmdshell是否被篡改
select * from master..syscomments where object_name(id)='xp_cmdshell' and text<>'xplog70.dll'
点击执行GO
--检查其他存储过程是否被篡改
select object_name(id), * from master..syscomments where object_name(id) in
('xp_getfiledetails','xp_availablemedia','xp_dirtree','xp_fixeddrives','xp_s
ubdirs',
'xp_fileexist','xp_get_tape_devices','sp_MSgetversion','xp_enumdsn','xp_regr
ead','xp_regwrite','xp_regdeletevalue',
'xp_regaddmultistring','xp_regremovemultistring','xp_regenumkeys','xp_regenu
mvalues','xp_regdeletekey','xp_instance_regread',
'xp_instance_regwrite','xp_instance_regdeletevalue','xp_instance_regaddmulti
string','xp_instance_regremovemultistring',
'xp_instance_regenumkeys','xp_instance_regenumvalues') and text <>N'xpstar.dll'
点击执行GO
--发现xp_cmdshell被篡改,执行下面语句改回来
drop procedure xp_cmdshell
点击执行GO
exec sp_addextendedproc N'xp_cmdshell', N'xplog70.dll'
点击执行GO
--然后执行下面语句验证xp_cmdshell是否正确
xp_cmdshell 'dir c:\'
--如果该语句异常,还有可能sql server服务的启用账户(一般情况下是system)没有
访问system32\cmd.exe文件的权限,加上权限即可
--发现其他存储过程被篡改,执行下面语句
drop procedure 存储过程名称
点击执行GO
exec sp_addextendedproc N'存储过程名称', N'xpstar.dll'
--如果sp_password过程也被修改通过以下方法更新
use master
点击执行GO
sp_configure 'allow updates',1
点击执行GO
reconfigure with override
点击执行GO
drop procedure sp_password
--找一个正确有过程代码,创建改密码过程.
create procedure sp_password
@old sysname = NULL, -- the old (current) password
@new sysname, -- the new password
@loginame sysname = NULL -- user to change password on
as
-- SETUP RUNTIME OPTIONS / DECLARE VARIABLES --
set nocount on
declare @self int
select @self = CASE WHEN @loginame is null THEN 1 ELSE 2 END
-- RESOLVE LOGIN NAME
if @loginame is null
select @loginame = suser_sname()
-- CHECK PERMISSIONS (SecurityAdmin per Richard Waymire) --
IF (not is_srvrolemember('securityadmin') = 1)
AND not @self = 1
begin
dbcc auditevent (107, @self, 0, @loginame, NULL, NULL, NULL)
raiserror(15210,-1,-1)
return (1)
end
ELSE
begin
dbcc auditevent (107, @self, 1, @loginame, NULL, NULL, NULL)
end
-- DISALLOW USER TRANSACTION --
set implicit_transactions off
IF (@@trancount > 0)
begin
raiserror(15002,-1,-1,'sp_password')
return (1)
end
-- RESOLVE LOGIN NAME (disallows nt names)
if not exists (select * from master.dbo.syslogins where
loginname = @loginame and isntname = 0)
begin
raiserror(15007,-1,-1,@loginame)
return (1)
end
-- IF non-SYSADMIN ATTEMPTING CHANGE TO SYSADMIN, REQUIRE PASSWORD (218078) --
if (@self <> 1 AND is_srvrolemember('sysadmin') = 0 AND exists
(SELECT * FROM master.dbo.syslogins WHERE loginname = @loginame and isntname = 0
AND sysadmin = 1) )
SELECT @self = 1
-- CHECK OLD PASSWORD IF NEEDED --
if (@self = 1 or @old is not null)
if not exists (select * from master.dbo.sysxlogins
where srvid IS NULL and
name = @loginame and
( (@old is null and password is null) or
(pwdcompare(@old, password, (CASE WHEN xstatus&2048 = 2048 THEN 1 ELSE 0 END)) = 1) ) )
begin
raiserror(15211,-1,-1)
return (1)
end
-- CHANGE THE PASSWORD --
update master.dbo.sysxlogins
set password = convert(varbinary(256), pwdencrypt(@new)), xdate2 = getdate(), xstatus = xstatus & (~2048)
where name = @loginame and srvid IS NULL
-- UPDATE PROTECTION TIMESTAMP FOR MASTER DB, TO INDICATE SYSLOGINS CHANGE --
exec('use master grant all to null')
-- FINALIZATION: RETURN SUCCESS/FAILURE --
if @@error <> 0
return (1)
raiserror(15478,-1,-1)
return (0) -- sp_password
点击执行GO
- 回答者:zhaoshuai888
- 等级:问不倒翁
- 时间:2012-10-01 14:18
- 提问者对最佳回答的评论:
- 非常感谢已解决!~
对最佳答案的评论 共 1 条
执行这么多语句,其实还不如重装一下SQL2000算了啊,SQL2000自动安装工具下载地址:http://www.yt-pos.com/a/fuwuyuxiazai/zaixianjishushouce/gongjuziliaoxiaz/2011/0215/138.html
- 评论者:李祥
快到期问题