{"id":98290,"date":"2024-06-20T18:39:10","date_gmt":"2024-06-20T10:39:10","guid":{"rendered":"https:\/\/lrxjmw.cn\/?p=98290"},"modified":"2024-06-20T18:39:10","modified_gmt":"2024-06-20T10:39:10","slug":"75000-linux-bug","status":"publish","type":"post","link":"https:\/\/lrxjmw.cn\/75000-linux-bug.html","title":{"rendered":"\u4ef7\u503c$75000\u7684Linux\u6f0f\u6d1e"},"content":{"rendered":"<p>\u9ed1\u5ba2\u7ec4\u7ec7\u5229\u7528 Cacti\u201cNetwork Weathermap\u201d\u63d2\u4ef6\u4e2d\u4e00\u4e2a\u5b58\u5728 5 \u5e74\u4e4b\u4e45\u7684\u6f0f\u6d1e\uff0c\u5728 Linux \u670d\u52a1\u5668\u4e0a\u5b89\u88c5\u4e86 Monero \u77ff\u5de5\uff0c\u8d5a\u4e86\u8fd1 75,000 \u7f8e\u5143\u3002\u6765\u81ea\u7f8e\u56fd\u5b89\u5168\u516c\u53f8\u8d8b\u52bf\u79d1\u6280\u7684\u4e13\u5bb6\u8868\u793a\uff0c\u4ed6\u4eec\u6709\u8bc1\u636e\u8bc1\u660e\u8fd9\u4e9b\u653b\u51fb\u4e0e\u8fc7\u53bb\u53d1\u751f\u5728 Jenkins \u670d\u52a1\u5668\u4e0a\u7684\u653b\u51fb\u6709\u5173\uff1a\u9ed1\u5ba2\u7ec4\u7ec7\u5229\u7528 CVE-2017-1000353 \u6f0f\u6d1e\u5728 Jenkins \u8bbe\u5907\u4e0a\u5b89\u88c5 Moner \u77ff\u5de5\uff0c\u83b7\u5f97\u4e86\u7ea6 300 \u4e07\u7f8e\u5143\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lrxjmw.cn\/wp-content\/uploads\/2018\/03\/180552_nCKt_2903254.png\" alt=\"\" width=\"516\" height=\"261\" class=\"alignnone size-full wp-image-98293\" srcset=\"https:\/\/lrxjmw.cn\/wp-content\/uploads\/2018\/03\/180552_nCKt_2903254.png 516w, https:\/\/lrxjmw.cn\/wp-content\/uploads\/2018\/03\/180552_nCKt_2903254-300x152.png 300w\" sizes=\"auto, (max-width: 516px) 100vw, 516px\" \/><\/p>\n<p>\u8fd9\u6b21\uff0c\u653b\u51fb\u8005\u5229\u7528\u4e86 Cacti \u7684 CVE-2013-2618 \u6f0f\u3002Cacti \u662f\u4e00\u4e2a\u57fa\u4e8e PHP \u7684\u5f00\u6e90\u7f51\u7edc\u76d1\u89c6\u548c\u56fe\u5f62\u5de5\u5177\uff0c\u66f4\u5177\u4f53\u5730\u8bf4\uff0c\u662f\u5728\u5176 Network Weathermap \u63d2\u4ef6\u4e2d\u8d1f\u8d23\u53ef\u89c6\u5316\u7f51\u7edc\u6d3b\u52a8\u3002\u5c31\u50cf\u5728\u4ee5\u524d\u7684\u653b\u51fb\u4e00\u6837\uff0c\u9ed1\u5ba2\u5229\u7528\u8fd9\u4e2a\u6f0f\u6d1e\u83b7\u5f97\u5e95\u5c42\u670d\u52a1\u5668\u7684\u4ee3\u7801\u6267\u884c\u80fd\u529b\uff0c\u5728\u8fd9\u4e9b\u670d\u52a1\u5668\u4e0a\u4ed6\u4eec\u4e0b\u8f7d\u5e76\u5b89\u88c5\u4e86\u4e00\u4e2a\u5408\u6cd5\u7684 Monero \u6316\u6398\u8f6f\u4ef6 XMRig \u7684\u5b9a\u5236\u7248\u672c\u3002<\/p>\n<p>\u653b\u51fb\u8005\u8fd8\u4fee\u6539\u4e86\u672c\u5730 cron \u4f5c\u4e1a\uff0c\u6bcf\u4e09\u5206\u949f\u89e6\u53d1\u4e00\u6b21\u201cwatchd0g\u201dBash \u811a\u672c\uff0c\u8be5\u811a\u672c\u68c0\u67e5 Monero \u77ff\u5de5\u662f\u5426\u4ecd\u5904\u4e8e\u6d3b\u52a8\u72b6\u6001\uff0c\u5e76\u5728 XMRig \u7684\u8fdb\u7a0b\u505c\u6b62\u65f6\u91cd\u65b0\u542f\u52a8\u5b83\u3002\u653b\u51fb\u8005\u4f7f\u7528\u8fd9\u79cd\u7b80\u5355\u7684\u64cd\u4f5c\u6a21\u5f0f\u6536\u83b7\u4e86\u5927\u7ea6 320 XMR\uff0875,000 \u7f8e\u5143\uff09\u3002\u6240\u6709\u53d7\u611f\u67d3\u7684\u670d\u52a1\u5668\u90fd\u8fd0\u884c Linux\uff0c\u5927\u591a\u6570\u53d7\u5bb3\u8005\u4f4d\u4e8e\u65e5\u672c\uff0812\uff05\uff09\uff0c\u4e2d\u56fd\uff0810\uff05\uff09\uff0c\u53f0\u6e7e\uff0810\uff05\uff09\u548c\u7f8e\u56fd\uff089\uff05\uff09\u3002\u7531\u4e8e Cacti \u7cfb\u7edf\u901a\u5e38\u8bbe\u8ba1\u4e3a\u8fd0\u884c\u5e76\u5bc6\u5207\u5173\u6ce8\u5185\u90e8\u7f51\u7edc\uff0c\u56e0\u6b64\u4e0d\u5e94\u5728\u7ebf\u8bbf\u95ee\u6b64\u7c7b\u5b9e\u4f8b\u3002<\/p>\n<blockquote>\n<p style=\"text-align: left; color: #88a6a4;\">\u539f\u6587\u6765\u81ea\uff1a<a href=\"https:\/\/www.oschina.net\/news\/94572\/hackers-infect-linux-servers-with-monero-miner\" target=\"_blank\" rel=\"noopener\">https:\/\/www.oschina.net\/news\/94572\/hackers-infect-linux-servers-with-monero-miner<\/a><\/p>\n<p style=\"text-align: left; color: #88a6a4;\">\u672c\u6587\u5730\u5740\uff1a<a href=\"https:\/\/lrxjmw.cn\/75000-linux-bug.html\" target=\"_blank\" rel=\"noopener\">https:\/\/lrxjmw.cn\/75000-linux-bug.html<\/a><span style=\"float: right;\">\u7f16\u8f91\uff1a\u82cf\u897f\u4e91\uff0c\u5ba1\u6838\u5458\uff1a\u9004\u589e\u5b9d<\/span><\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>\u9ed1\u5ba2\u7ec4\u7ec7\u5229\u7528 Cacti\u201cNetwork Weathermap\u201d\u63d2\u4ef6\u4e2d\u4e00\u4e2a\u5b58\u5728 5 \u5e74\u4e4b\u4e45\u7684\u6f0f\u6d1e\uff0c\u5728 Linu [&hellip;]<\/p>\n","protected":false},"author":63,"featured_media":98296,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[21],"tags":[],"class_list":["post-98290","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"acf":[],"_links":{"self":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/98290","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/users\/63"}],"replies":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/comments?post=98290"}],"version-history":[{"count":5,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/98290\/revisions"}],"predecessor-version":[{"id":292005,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/98290\/revisions\/292005"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media\/98296"}],"wp:attachment":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media?parent=98290"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/categories?post=98290"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/tags?post=98290"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}