One of our clients had a bunch of data corrupted by an SQL
injection worm a few days ago. The worm updated all NTEXT, TEXT,
NVARCHAR and VARCHAR columns, adding script tags to the existing data.
I whipped together these procedures
to aid our recovery work and decided to post them in case anyone else
needs to find out which tables and columns has been affected by a
similar injection. They're handy for finding strings, regardless of
purpose.
Procedures for finding strings in any column in all tables in a database (SQL Server 2005)
Procedures for finding strings in any column in all tables in a database (SQL Server 2005)
