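MongoDB hacked: the data vanished for no apparent reason
The day after I installed YAPI, I inexplicably could not log in. I checked the database and found that MongoDB's yapi database was gone.
Only one DB was left: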
READ_ME_TO_RECOVER_YOUR_DATA
Its content was:
All your data is a backed up.
You must pay 0.04 BTC to 18FXXXXTBpv6XXXXLKDriXXXXDWgnYXXXX
After 48 hours expiration we will leak and expose all your data.
After 48 hours the database dump will be deleted from our server!
You can buy bitcoin in https://biXXXce.com
After paying write to us in the mail with your DB IP:
rasmXXXXq7tz@onionmail.org and you will receive a link to download your database dump. CHECK YOUR SPAM FOLDER!
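Roughly: all your data has been backed up, and you must pay 0.04 bitcoin as ransom; the data will be kept for 48 hours, after which it will be made public.
It then says where to buy BTC, and that after paying you email him and he tells you how to download the data back.
So isn't this simply being held to ransom???
Luckily it was only test data; otherwise I would just have had to obediently pay the ransom.
Below I reconfigure YAPI from scratch and set up MongoDB.
I. Scan the server for vulnerabilities
Check whether there are any other vulnerabilities and deal with them at the same time.
II. Change Mongo's default port and disable remote access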
vim /etc/mongod.conf
Restart Mongo:
service mongod restart
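The step above does not show the edited file, so here is an added example (not from the original post) that audits a mongod.conf for the two settings that step changes, net.port and net.bindIp, and additionally for security.authorization, which the post does not mention. Both sample configs are constructed, and port 27917 is an arbitrary choice.

```python
import ipaddress

# Constructed sample configs, not taken from the original post.
EXPOSED = "net:\n  port: 27017\n  bindIp: 0.0.0.0\n"
HARDENED = """\
net:
  port: 27917        # arbitrary non-default port
  bindIp: 127.0.0.1  # local connections only
security:
  authorization: enabled
"""

def parse_conf(text):
    """Flatten mongod.conf's simple nested 'key: value' YAML into dotted keys."""
    flat, stack = {}, []  # stack: (indent, key) of the sections still open
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if ":" not in line:
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:
            stack.pop()
        if value.strip():
            flat[".".join([k for _, k in stack] + [key])] = value.strip().strip("\"'")
        else:
            stack.append((indent, key))
    return flat

def is_local(addr):
    if addr == "localhost" or addr.startswith("/"):  # name or Unix socket path
        return True
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:  # other hostnames: assume reachable from outside
        return False

def audit(text):
    """Return findings for the port and bind address, plus authorization."""
    conf, findings = parse_conf(text), []
    binds = [b.strip() for b in conf.get("net.bindIp", "").split(",") if b.strip()]
    if conf.get("net.bindIpAll") == "true" or not binds or not all(map(is_local, binds)):
        findings.append("net.bindIp: not restricted to local addresses")
    if conf.get("net.port", "27017") == "27017":
        findings.append("net.port: default 27017")
    if conf.get("security.authorization") != "enabled":
        findings.append("security.authorization: not enabled")
    return findings
```

Calling `audit(open("/etc/mongod.conf").read())` after editing the file should return an empty list before Mongo is restarted.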
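III. Deploy YAPI (for the full deployment procedure see: Installing YApi on CentOS 7); skip this if you have a data backup
1. Delete the data in the original path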
rm -rf /my-yapi/
2. Repeat step III of the full deployment procedure, paying attention to the port number
3. Restart YAPI
pm2 restart /my-yapi/vendors/server/app.js
Hmm, OK.