全球主机交流论坛

标题: 乌龟壳说我挖矿，怎么破？ [打印本页]

作者: hzjackq 时间: 2025-7-2 17:22
标题: 乌龟壳说我挖矿，怎么破？

Oracle Cloud Infrastructure Customer,

Oracle Cloud Infrastructure (OCI) has received notice of or detected unusual and potentially harmful activity originating from your tenancy.

Abuse Details: Crypto or Cyber-Currency Coin-Mining Activity

Action Required: Under your agreement with Oracle, you are responsible for the maintenance and security of this resource. You may wish to inspect the resource(s) for compromise or misconfiguration and mitigate the indicated issues. If the activity continues beyond the Disable By date provided in the details column, or Oracle determines that there is a significant threat to the functionality, security, integrity, or availability of our services, your resource(s) may be disabled.

我系统都重新安装了，过了几天就又收到邮件

作者: HOH 时间: 2025-7-2 17:25
Under your agreement with Oracle, you are responsible for the maintenance and security of this resource.

作者: chaoticjoy 时间: 2025-7-2 17:32
实际情况是啥

作者: hzjackq 时间: 2025-7-2 17:42

chaoticjoy 发表于 2025-7-2 17:32
实际情况是啥

只用于FQ，里面啥也没装

作者: taryn 时间: 2025-7-2 17:43
别用一键脚本

作者: hzjackq 时间: 2025-7-2 17:48
pstree -a 的结果：

systemd
  |-accounts-daemon
  | `-2*[{accounts-daemon}]
  |-agent
  | |-gomon
  | | `-8*[{gomon}]
  | |-oci-wlp
  | | `-8*[{oci-wlp}]
  | `-7*[{agent}]
  |-agetty -o -p -- \\u --keep-baud 115200,38400,9600 ttyS0 vt220
  |-agetty -o -p -- \\u --noclear tty1 linux
  |-atd -f
  |-cron -f
  |-dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  |-irqbalance --foreground
  | `-{irqbalance}
  |-lvmetad -f
  |-lxcfs /var/lib/lxcfs/
  | `-6*[{lxcfs}]
  |-networkd-dispat /usr/bin/networkd-dispatcher --run-startup-triggers
  | `-{networkd-dispat}
  |-polkitd --no-debug
  | `-2*[{polkitd}]
  |-rpcbind -f -w
  |-rsyslogd -n
  | `-3*[{rsyslogd}]
  |-screen -R trojan
  | `-bash
  |    `-trojan-go
  |          `-8*[{trojan-go}]
  |-screen -R mihomo
  | `-bash
  |    `-mihomo -d ./
  |          `-8*[{mihomo}]
  |-snapd
  | `-9*[{snapd}]
  |-sshd -D
  | `-sshd
  |    `-sshd
  |          `-bash
  |             `-sudo -i
  |                `-bash
  |                      `-pstree -a
  |-systemd --user
  | `-(sd-pam)
  |-systemd-journal
  |-systemd-logind
  |-systemd-network
  |-systemd-resolve
  |-systemd-timesyn
  | `-{systemd-timesyn}
  |-systemd-udevd
  |-unattended-upgr /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
  | `-{unattended-upgr}
  `-updater
   `-8*[{updater}]

作者: liang747 时间: 2025-7-2 18:20
你的脚本有问题或许是dd脚本出问题

作者: 笑花落半世琉璃 时间: 2025-7-2 19:49
那还不重装系统等ban号吗

作者: diocat 时间: 2025-7-2 19:51
不用查，直接去控制台后台看占用率，包准

作者: jj1314 时间: 2025-7-2 19:59
你不装探针看鸡鸡占用情况的吗

欢迎光临全球主机交流论坛 (https://fd.vvwvv.eu.org/)