ll /proc/{pid} 输出中, exe ->; '/usr/bin/-bash (deleted)' 是个重要的提示信息,
ll /proc/{pid}
exe ->; '/usr/bin/-bash (deleted)'
主要思路就是从cron job 反推文件位置,然后删除对应的可执行程序
挖矿病毒-简书 挖矿病毒处置
Posted in: IT人生
Comments are closed.
国外VPS推荐
Comments are closed.