联系:手机/微信(+86 17813235971) QQ(107644445)
作者:惜分飞©版权所有[未经本人同意,不得以任何形式转载,否则有进一步追究法律责任的权利.]
有客户mysql数据库被黑(业务数据库被删除),创建了一个A_H_README_TO_RECOVER库
[root@www.xifenfei.com ~]# mysql -uroot -pxxxxx
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4539028
Server version: 5.6.50-log Source distribution
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+-----------------------+
| Database |
+-----------------------+
| information_schema |
| A_H_README_TO_RECOVER |
| mysql |
| performance_schema |
+-----------------------+
8 rows in set (0.00 sec)
mysql> use A_H_README_TO_RECOVER;
Database changed
mysql> show tables;
+---------------------------------+
| Tables_in_A_H_README_TO_RECOVER |
+---------------------------------+
| README |
+---------------------------------+
1 row in set (0.00 sec)
mysql> desc README;
+------------+----------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+------------+----------+------+-----+---------+-------+
| zh_content | longtext | YES | | NULL | |
| en_content | longtext | YES | | NULL | |
| email | longtext | YES | | NULL | |
+------------+----------+------+-----+---------+-------+
3 rows in set (0.00 sec)
mysql> select *from README ;
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------+-------------------------+
| zh_content | en_content | email |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------+-------------------------+
| 请与我们联系进行数据恢复,或者你对我们的项目感兴趣,也可以与我们取得联系。未与我们联系的,数据和组织信息将会公布在国内各大平台中。联系邮件:honey_xiaowu@keemail.me | honey_xiaowu@keemail.me or honey_xiaowu@proton.me | honey_xiaowu@keemail.me |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------+-------------------------+
1 row in set (0.00 sec)
mysql> exit
Bye
|
对于这类情况类似以前处理的case:
read_me_recover_tn勒索恢复
RECOVER_YOUR_DATA勒索恢复
A____Z____RECOVER____DATA勒索恢复
处理方法一般也就是先考虑os层面恢复,如果os层面无法恢复,就从block层面进行恢复,这个客户通过最终分析,恢复出来客户需要的表数据
对于类似这种A_H_README_TO_RECOVER勒索恢复,建议先对系统进行镜像或者快照,然后按照先os层面恢复,在block级别恢复的方法处理,如果无法自行解决,可以联系我们进行技术支持,最大限度抢救和数据,减少损失
电话/微信:17813235971 Q Q:107644445 E-Mail:dba@xifenfei.com
另外建议加强系统和mysql安全加固,数据库尽量不要暴露在公网上
- read_me_recover_tn勒索恢复
- RECOVER_YOUR_DATA勒索恢复
- A____Z____RECOVER____DATA勒索恢复
- mysql 数据库目录被删除恢复
- Mysql查询视图:ERROR 1449 (HY000)
- 应用连接错误,初始化mysql数据库恢复
- MySQL勒索恢复
- MySQL 8.0版本ibd文件恢复
- .mdf.locked加密sql server完美恢复
- mysql ibd文件被加密恢复
- .[metro777@cock.li].Elbie勒索病毒加密数据库恢复
- mysql-cluster 7.x安装(windows)