intro

原文链接 freebuf服务器入侵溯源小技巧整理

分析网站源码可以帮助获取网站被入侵时间,入侵痕迹、IP等信息, 对之后的日志分析很有帮助。通常情况下如何通过查杀后门、查看源文件修改时间去定位是否包含webshell.

使用 ls 查看指定目录下文件时间的排序

ls -alt | head -n 20

ls -alt a显示隐藏文件、l显示更多文件信息 t按照时间生成顺序排序
head -n x 显示每个文件的前x行内容

使用 find 指令查找限定时间范围的文件

sudo find ./ -cmin -10 -name "*.php"

使用 stat 查看文件详细信息

stat test.php

日志分析

分析nginx日志、access.log和error.log

根据时间筛选 

sudo cat access.log| grep '27/Jun/2018'

根据特殊文件名筛选

sudo cat access.log| grep '文件名'

根据 ip 筛选

sudo cat access.log| grep 'ip'

对访问服务器的 IP 进行统计排序

sudo cat /var/log/apache2/access.log | cut -f1 -d ' '| sort | uniq -c

web-log 分析工具

系统日志分析

/var/log/wtmp 登录进入,退出,数据交换、关机和重启纪录

/var/run/utmp 有关当前登录用户的信息记录

/var/log/lastlog 文件记录用户最后登录的信息,可用 lastlog 命令来查看。

/var/log/secure 记录登入系统存取数据的文件,例如 pop3/ssh/telnet/ftp 等都会被记录。

/var/log/cron 与定时任务相关的日志信息

/var/log/message 系统启动后的信息和错误日志

/var/log/wtmp 和/var/run/utmp 两个文件无法直接使用 cat 命令输出,

但是可以使用一些命令来查看,比如 w/who/finger/id/last/ac/uptime

w

w 命令
该命令查询 /var/log/wtmp 文件并显示 当前 系统中每个用户和它所运行的进程信息:

last

该命令往回搜索 /var/log/wtmp 文件来显示自从该文件第一次创建以来所有登录过的用户:

如果指明了用户,则该命令只显示该用户的近期活动

lastlog

 /var/log/lastlog 文件在每次有用户登录时被查询。可以使用 lastlog 命令来检查某特定用户上次登录的时间,
 并格式化输出上次登录日志 /var/log/lastlog 的内容。它根据 UID 排序显示登录名、端口号(tty)
 和上次登录时间。如果一个用户从未登录过,lastlog 显示 Never logged(从未登录过)。
 注意需要以 root 运行该命令

系统信息分析

history

/etc/passwd

ls -alt /etc/init.d

查看用户登录信息 (lastlog,lastb,last)

查看是否有 ssh 可疑公钥

history

可使用该指令查看服务器上使用过的历史指令。通过 history 信息可能获得以下敏感信息
- wget (远程某主机的远控文件)
- ssh  尝试连接内网的某些机器
- tar zip 可以知道攻击者打包了哪些敏感数据
- 可知道攻击者对服务器做了哪些配置上的修改 (添加用户,留后门等)

/etc/passwd

 可通过该文件分析可疑账号

分析服务器的开机自启程序,分析是否存在后门木马程序

1. ls -alt /etc/init.d
2. /etc/init.d/rc.local /etc/rc.local
3. chkconfig

查看登录信息

lastlog(查看系统中所有用户最近一次的登录信息)
lastb (查看用户的错误登录信息)
last(显示用户最近登录信息)

查看ssh相关目录

redis未授权访问漏洞可直接向服务器写入公钥,从而实现无密码登录服务器。

所以要查看/etc/.ssh ~/.ssh目录下有无可疑公钥

分析进程(端口)

查看端口占用情况

netstat -apn|more

查看可疑端口的pid分析进程

ps aux | grep 'pid'

结束进程

kill PID

killall <进程名>

197 对 “Linux溯源小结”的想法;

  4. This is very interesting, You are a very skilled blogger.
    I have joined your rss feed and look forward to seeking more of your great post.

    Also, I’ve shared your site in my social networks!

    回复

  102. https://cutt.ly/hHvcg7L http://ubezpieczenia-on-line.pl https://cutt.ly/CHvv9CL http://ubezpieczenia-Jaworzno.pl/ https://Is.gd/HOcDVQ https://rebrand.ly/1fa74f https://cutt.ly/NHvvkiz https://Is.gd/r5EeaE https://cutt.ly/tHvvVnv https://rebrand.ly/f2df62
    https://rebrand.ly/2b4251 https://is.gd/YCASGh https://is.gd/7Mwnmi https://is.gd/r5EeaE http://kalkulatorubezpieczen.pl https://tinyurl.com/356m4924 https://is.gd/cJol8e https://bit.ly/3LmXrTk https://tinyurl.com/2spswmfn https://Is.gd/VZy27c
    rebrand.ly https://Bit.ly/3wi8pFr https://bit.ly/3wi8pFr prawoiubezpieczenia.pl dobrzeubezpieczamy.pl https://is.gd cutt.ly
    rebrand.ly
    cutt.ly http://ubezpieczeniablonie.pl is.gd is.gd
    is.gd https://is.gd/
    bit.ly rebrand.ly

    回复

  135. Trump’s pressure on investigators prompted Rep.
    https://rentry.org/rinyg https://jobs.thedrinksbusiness.com/profiles/3356704-felicia-chapman https://www.obesityhelp.com/members/spiculate1991/about_me/ https://rentry.org/hd59p https://www.cossa.ru/profile/?ID=214747

    Zoe Lofgren, who sits on the House committee probing the insurrection, to warn that the ex-President had issued a “call to arms.”
    “Calling out for demonstrations if, you know, anything adverse, legally, happens to him, is pretty extraordinary. And I think it’s important to think through what message is being sent,” the California Democrat told CNN’s Pamela Brown on Sunday.
    In yet another sign of Trump’s incessantly consuming inability to accept his election loss, he issued a statement that same evening slamming former Vice President Mike Pence for refusing his demands to overturn the result of the democratic election in 2020, and falsely claimed that the then-vice president had the power to do so.

    回复

  142. Sexy drunk girl eagerly sucks beer from a martini glass in a real porn video.
    Pussies get pounded extra hard when these hot girls are drunk in a porn flick.
    A X-rated drunken fuck session with vodka spilled all over the sheets.
    Watch as she gets fully nude and begs for anal in a crazy drunken porn video.
    These horny girls get down and dirty when the martinis flow in a naughty porn vid.
    Get ready to cum as these real hot girls get fucked after a few beers.
    Anal sex gets extra kinky when they are too drunk in an R-rated porn video.
    Sloshed girls get banged while the vodka is still on their lips in another XXX clip.
    Naughty drunken porn with beer flowing everywhere as she screams in pleasure.
    Slippery fun with hot naked drunk girls sprawled out begging for more from her partner.
    A nude sex romp with vodka and cocktails running down her lips in an allowed porn video.
    A wild evening of drunken porn that’s sure to get your adrenaline pumping.
    Wet pussy licking as an intoxicated girl begs for his cum in a real porn flick.
    http://exnihil1960.idea.informer.com/ https://imageevent.com/telegony1963 https://anotepad.com/notes/n4r2jkh6 https://absconcier1987.micro.blog/about/ https://ask.godotengine.org/user/djb1964

    A XXX drunken orgy that is filled with lots of naughty action and pleasure.

    回复

  162. Sexy drunk girl eagerly sucks beer from a martini glass in a real porn video.
    Pussies get pounded extra hard when these hot girls are drunk in a porn flick.
    A X-rated drunken fuck session with vodka spilled all over the sheets.
    Watch as she gets fully nude and begs for anal in a crazy drunken porn video.
    These horny girls get down and dirty when the martinis flow in a naughty porn vid.
    Get ready to cum as these real hot girls get fucked after a few beers.
    Anal sex gets extra kinky when they are too drunk in an R-rated porn video.
    Sloshed girls get banged while the vodka is still on their lips in another XXX clip.
    Naughty drunken porn with beer flowing everywhere as she screams in pleasure.
    Slippery fun with hot naked drunk girls sprawled out begging for more from her partner.
    A nude sex romp with vodka and cocktails running down her lips in an allowed porn video.
    A wild evening of drunken porn that’s sure to get your adrenaline pumping.
    Wet pussy licking as an intoxicated girl begs for his cum in a real porn flick.
    https://porncoven.com/members/56031-aurilau1959?tab=aboutme#aboutme https://chyoa.com/user/falcate1955 https://www.hentai-foundry.com/user/djons1991/profile https://rentry.org/etyzqf https://www.quia.com/profiles/fchapman141

    A XXX drunken orgy that is filled with lots of naughty action and pleasure.

    回复

  165. Sexy drunk girl eagerly sucks beer from a martini glass in a real porn video.
    Pussies get pounded extra hard when these hot girls are drunk in a porn flick.
    A X-rated drunken fuck session with vodka spilled all over the sheets.
    Watch as she gets fully nude and begs for anal in a crazy drunken porn video.
    These horny girls get down and dirty when the martinis flow in a naughty porn vid.
    Get ready to cum as these real hot girls get fucked after a few beers.
    Anal sex gets extra kinky when they are too drunk in an R-rated porn video.
    Sloshed girls get banged while the vodka is still on their lips in another XXX clip.
    Naughty drunken porn with beer flowing everywhere as she screams in pleasure.
    Slippery fun with hot naked drunk girls sprawled out begging for more from her partner.
    A nude sex romp with vodka and cocktails running down her lips in an allowed porn video.
    A wild evening of drunken porn that’s sure to get your adrenaline pumping.
    Wet pussy licking as an intoxicated girl begs for his cum in a real porn flick.
    https://disciform1967.educatorpages.com/ https://imageevent.com/ablative1976 https://elodialla1967.educatorpages.com/ https://pornsavant.com/members/78864-silee1987?tab=aboutme#aboutme https://www.cakeresume.com/me/felicia-5c142c

    A XXX drunken orgy that is filled with lots of naughty action and pleasure.

    回复

  167. Sexy drunk girl eagerly sucks beer from a martini glass in a real porn video.
    Pussies get pounded extra hard when these hot girls are drunk in a porn flick.
    A X-rated drunken fuck session with vodka spilled all over the sheets.
    Watch as she gets fully nude and begs for anal in a crazy drunken porn video.
    These horny girls get down and dirty when the martinis flow in a naughty porn vid.
    Get ready to cum as these real hot girls get fucked after a few beers.
    Anal sex gets extra kinky when they are too drunk in an R-rated porn video.
    Sloshed girls get banged while the vodka is still on their lips in another XXX clip.
    Naughty drunken porn with beer flowing everywhere as she screams in pleasure.
    Slippery fun with hot naked drunk girls sprawled out begging for more from her partner.
    A nude sex romp with vodka and cocktails running down her lips in an allowed porn video.
    A wild evening of drunken porn that’s sure to get your adrenaline pumping.
    Wet pussy licking as an intoxicated girl begs for his cum in a real porn flick.
    https://wadepappus1999.micro.blog/about/ http://steave1962.populr.me/milf-tales-4 https://permacultureglobal.org/users/46183-felicia-chapman https://jobs.thedrinksbusiness.com/profiles/3513723-felicia-chapman https://tubeteencam.com/user/palez21958/profile

    A XXX drunken orgy that is filled with lots of naughty action and pleasure.

    回复

  174. Sexy drunk girl eagerly sucks beer from a martini glass in a real porn video.
    Pussies get pounded extra hard when these hot girls are drunk in a porn flick.
    A X-rated drunken fuck session with vodka spilled all over the sheets.
    Watch as she gets fully nude and begs for anal in a crazy drunken porn video.
    These horny girls get down and dirty when the martinis flow in a naughty porn vid.
    Get ready to cum as these real hot girls get fucked after a few beers.
    Anal sex gets extra kinky when they are too drunk in an R-rated porn video.
    Sloshed girls get banged while the vodka is still on their lips in another XXX clip.
    Naughty drunken porn with beer flowing everywhere as she screams in pleasure.
    Slippery fun with hot naked drunk girls sprawled out begging for more from her partner.
    A nude sex romp with vodka and cocktails running down her lips in an allowed porn video.
    A wild evening of drunken porn that’s sure to get your adrenaline pumping.
    Wet pussy licking as an intoxicated girl begs for his cum in a real porn flick.
    https://www.quia.com/profiles/fechapman109 https://www.metal-archives.com/users/olfactology1988 https://anotepad.com/notes/5m49r9fb https://pornsavant.com/members/79125-cerber841978?tab=aboutme#aboutme https://zapytaj.zhp.pl/user/jollyjoist1972

    A XXX drunken orgy that is filled with lots of naughty action and pleasure.

    回复

  181. Sexy drunk girl eagerly sucks beer from a martini glass in a real porn video.
    Pussies get pounded extra hard when these hot girls are drunk in a porn flick.
    A X-rated drunken fuck session with vodka spilled all over the sheets.
    Watch as she gets fully nude and begs for anal in a crazy drunken porn video.
    These horny girls get down and dirty when the martinis flow in a naughty porn vid.
    Get ready to cum as these real hot girls get fucked after a few beers.
    Anal sex gets extra kinky when they are too drunk in an R-rated porn video.
    Sloshed girls get banged while the vodka is still on their lips in another XXX clip.
    Naughty drunken porn with beer flowing everywhere as she screams in pleasure.
    Slippery fun with hot naked drunk girls sprawled out begging for more from her partner.
    A nude sex romp with vodka and cocktails running down her lips in an allowed porn video.
    A wild evening of drunken porn that’s sure to get your adrenaline pumping.
    Wet pussy licking as an intoxicated girl begs for his cum in a real porn flick.
    https://jobs.thedrinksbusiness.com/profiles/3524665-felicia-chapman https://forums.giantitp.com/member.php?298950-palanquin1997&tab=aboutme#aboutme http://www.babelcube.com/user/felicia-chapman-233 https://www.cossa.ru/profile/?ID=218072 http://www.babelcube.com/user/felicia-chapman-266

    A XXX drunken orgy that is filled with lots of naughty action and pleasure.

    回复

  186. Sexy drunk girl eagerly sucks beer from a martini glass in a real porn video.
    Pussies get pounded extra hard when these hot girls are drunk in a porn flick.
    A X-rated drunken fuck session with vodka spilled all over the sheets.
    Watch as she gets fully nude and begs for anal in a crazy drunken porn video.
    These horny girls get down and dirty when the martinis flow in a naughty porn vid.
    Get ready to cum as these real hot girls get fucked after a few beers.
    Anal sex gets extra kinky when they are too drunk in an R-rated porn video.
    Sloshed girls get banged while the vodka is still on their lips in another XXX clip.
    Naughty drunken porn with beer flowing everywhere as she screams in pleasure.
    Slippery fun with hot naked drunk girls sprawled out begging for more from her partner.
    A nude sex romp with vodka and cocktails running down her lips in an allowed porn video.
    A wild evening of drunken porn that’s sure to get your adrenaline pumping.
    Wet pussy licking as an intoxicated girl begs for his cum in a real porn flick.
    https://www.hentai-foundry.com/user/cataphysical1954/profile https://files.fm/lizik5551965/info https://palpebral1955.bandcamp.com/album/24harry-potter-and-the-sword-of-gryffindor https://cannabis.net/user/134431 https://www.divephotoguide.com/user/acclivity1995

    A XXX drunken orgy that is filled with lots of naughty action and pleasure.

    回复

  194. Sexy drunk girl eagerly sucks beer from a martini glass in a real porn video.
    Pussies get pounded extra hard when these hot girls are drunk in a porn flick.
    A X-rated drunken fuck session with vodka spilled all over the sheets.
    Watch as she gets fully nude and begs for anal in a crazy drunken porn video.
    These horny girls get down and dirty when the martinis flow in a naughty porn vid.
    Get ready to cum as these real hot girls get fucked after a few beers.
    Anal sex gets extra kinky when they are too drunk in an R-rated porn video.
    Sloshed girls get banged while the vodka is still on their lips in another XXX clip.
    Naughty drunken porn with beer flowing everywhere as she screams in pleasure.
    Slippery fun with hot naked drunk girls sprawled out begging for more from her partner.
    A nude sex romp with vodka and cocktails running down her lips in an allowed porn video.
    A wild evening of drunken porn that’s sure to get your adrenaline pumping.
    Wet pussy licking as an intoxicated girl begs for his cum in a real porn flick.
    https://cannabis.net/user/134788 https://www.sandiegoreader.com/users/marcantony1970/ https://pastehere.xyz/bnX0HboVD/ https://quinible1989.educatorpages.com/ https://participer.ge.ch/profiles/septiform1965/activity

    A XXX drunken orgy that is filled with lots of naughty action and pleasure.

    回复

发表回复

您的电子邮箱地址不会被公开。