有客户mysql数据库被黑(业务数据库被删除),创建了一个A_H_README_TO_RECOVER库
[root@www.xifenfei.com ~]# mysql -uroot -pxxxxx
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4539028
Server version: 5.6.50-log Source distribution
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+-----------------------+
| Database |
+-----------------------+
| information_schema |
| A_H_README_TO_RECOVER |
| mysql |
| performance_schema |
+-----------------------+
8 rows in set (0.00 sec)
mysql> use A_H_README_TO_RECOVER;
Database changed
mysql> show tables;
+---------------------------------+
| Tables_in_A_H_README_TO_RECOVER |
+---------------------------------+
| README |
+---------------------------------+
1 row in set (0.00 sec)
mysql> desc README;
+------------+----------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+------------+----------+------+-----+---------+-------+
| zh_content | longtext | YES | | NULL | |
| en_content | longtext | YES | | NULL | |
| email | longtext | YES | | NULL | |
+------------+----------+------+-----+---------+-------+
3 rows in set (0.00 sec)
mysql> select *from README ;
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------+-------------------------+
| zh_content | en_content | email |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------+-------------------------+
| 请与我们联系进行数据恢复,或者你对我们的项目感兴趣,也可以与我们取得联系。未与我们联系的,数据和组织信息将会公布在国内各大平台中。联系邮件:honey_xiaowu@keemail.me | honey_xiaowu@keemail.me or honey_xiaowu@proton.me | honey_xiaowu@keemail.me |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------+-------------------------+
1 row in set (0.00 sec)
mysql> exit
Bye
|
对于这类情况类似以前处理的case:
read_me_recover_tn勒索恢复
RECOVER_YOUR_DATA勒索恢复
A____Z____RECOVER____DATA勒索恢复
处理方法一般也就是先考虑os层面恢复,如果os层面无法恢复,就从block层面进行恢复,这个客户通过最终分析,恢复出来客户需要的表数据
对于类似这种A_H_README_TO_RECOVER勒索恢复,建议先对系统进行镜像或者快照,然后按照先os层面恢复,在block级别恢复的方法处理,如果无法自行解决,可以联系我们进行技术支持,最大限度抢救和数据,减少损失,另外建议加强系统和mysql安全加固,数据库尽量不要暴露在公网上
![洛谷每日一题(P1205 [USACO1.2] 方块转换 Transformations)矩阵变换](https://i-blog.csdnimg.cn/direct/80091e3749cb4abbada5ef304c3e1c7e.png)
