这是一个创建于 2171 天前的主题,其中的信息可能已经有所发展或是发生改变。
登录设置的仅 ssh 秘钥方式登录,今天访问自己的小站时发现打开不了,然后去控制台,居然关机了,当时心里就猜测应该被别人挖矿,被腾讯强制关机了,登记去后提示
Last failed login: Mon Nov 26 07:25:30 CST 2018 from 139.199.48.25 on ssh:notty
There were 4393 failed login attempts since the last successful login.
Last login: Fri Nov 23 13:48:51 2018 from 118.122.119.107
View here: https://pastebin.com/raw/eFDC9giY for information on how to obtain your files!
然后发现用户目录下的东西都没了。只有一个文件
-rw-r--r--. 1 root root 90 Nov 26 09:39 READ_THIS.txt
内容是:
View here: https://pastebin.com/raw/eFDC9giY for information on how to obtain your files!
这是怎么做到的。。。
Last failed login: Mon Nov 26 07:25:30 CST 2018 from 139.199.48.25 on ssh:notty
There were 4393 failed login attempts since the last successful login.
Last login: Fri Nov 23 13:48:51 2018 from 118.122.119.107
View here: https://pastebin.com/raw/eFDC9giY for information on how to obtain your files!
然后发现用户目录下的东西都没了。只有一个文件
-rw-r--r--. 1 root root 90 Nov 26 09:39 READ_THIS.txt
内容是:
View here: https://pastebin.com/raw/eFDC9giY for information on how to obtain your files!
这是怎么做到的。。。
 |
1
bkmi 2018-11-27 18:54:31 +08:00 via Android
好奇都跑了什么服务,什么漏洞被利用了
|
 |
2
Fenhai OP 就 gogs 和 ssr
|
 |
3
javashell 2018-11-27 19:26:43 +08:00 via Android  1
感觉像是从 gogs 入的,查看下 gogs 日志
|
 |
4
sigup 2018-11-27 19:37:15 +08:00 1
|
 |
5
Danfi 2018-11-27 19:54:30 +08:00
之前懒得升级,看到正好升级下 gogs。。
|
 |
6
opengps 2019-03-23 08:28:36 +08:00 via Android
公网环境下,各种漏洞都会被利用,你都有哪些防护?
|
Select Language