手里有一台小鸡,这家的系统重装后有一个默认的 ROOT 密码,初次登陆后会要求修改 ROOT密码。并且ROOT密码无**常修改,修改的同时会断开连接。
WARNING! The remote SSH server rejected X11 forwarding request.
You are required to change your password immediately (root enforced)
Linux google 4.9.0-7-amd64 #1 SMP Debian 4.9.110-3+deb9u2 (2018-08-13) x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sat Nov 3 06:10:08 2018
Changing password for root.
(current) UNIX password:
Connection closing...Socket close.
Connection closed by foreign host.
通过 LINUX GRUB 强制 修改密码后,安装完 宝塔,其他什么都没有安装,通过宝塔关闭了 SSH 端口,发现小鸡仍然被爆,植入挖矿程序,这到底是怎么被爆的