功能是：以一个关键字为索引，搜索整个数据库，然后返回那个关键字所在的表名和列名。（很赞...特别是入侵的时候找不到用户名与密码所在的表的时候，如果能直接通过输入admin这个关键词找出字段...省得一个表一个表的看了。）于是根据那段语句，写了个asp的脚本，方便大家以后搜寻数据库。

代码如下：
复制代码 代码如下:
<%
'Confirm a keyword's position of a database(which table & which column)
'By oldjun(http://www.oldjun.com)
'Based on huangzi(http://www.2chuizi.com)'s sql
Server.ScriptTimeout=999999999
Response.Buffer =true
On Error Resume Next
keyword=request("keyword")
if keyword="" then
response.write "Need keyword!"
response.End
End if
dim conn
Set conn = Server.CreateObject("ADODB.Connection")
Dim ConnStr
'ConnectionString,Pls change!
ConnStr="Driver={SQL SERVER};Server=localhost;UID=sa;PWD=sa;Database=master"
Conn.open ConnStr
conn.execute("CREATE TABLE huangzi_table(id int identity(1,1),biaoid int,biaoname nvarchar(1000))")
conn.execute("insert huangzi_table select [id],[name] from sysobjects where xtype='U'")
set rs =conn.execute("select count(id) as tnum from huangzi_table")
tnum=rs("tnum")
rs.close
set rs=nothing
for i=1 to tnum
set rsbiao =conn.execute("select biaoid from huangzi_table where id="&i&"")
biaoid=rsbiao("biaoid")
set rst =conn.execute("select [biaoname] from huangzi_table where biaoid="&biaoid&"")
tname=rst("biaoname")
set rsl=conn.execute("select count([name]) as lnum from syscolumns where id="&biaoid&"")
lnum=rsl("lnum")
for j=1 to lnum
topnum=j-1
set rslie=conn.execute("select top 1 [name] from syscolumns where id="&biaoid&" and [name] not in
(select top "&topnum&" [name] from syscolumns where id="&biaoid&")")
liename=rslie("name")
set rsresult=conn.execute("select top 1 ["&liename&"] from ["&tname&"] where CAST(["&liename&"] AS NVARCHAR(1000))='"&keyword&"'")
if rsresult.bof or rsresult.eof then
'response.write "Nothing-"&tname&":"&liename
'response.write "<br>"
else
result=rsresult(liename)
response.write result&"("&tname&":"&liename&")"
response.write "<br>"
End if
rslie.close
set rslie=nothing
rsresult.close
set rsresult=nothing
next
rsbiao.close
set rsbiao=nothing
rst.close
set rst=nothing
rsl.close
set rsl=nothing
next
conn.execute("DROP TABLE huangzi_table")
%>

注：效率很差，使用时可能出现假死， 请耐心等待，大库还是别用了；代码简单，实现的简单功能，没技术含量，留着以后备用；换连接语句的时候有个缓存问题，建议重启下浏览器！