47 lines
1.6 KiB
Python
47 lines
1.6 KiB
Python
#!/usr/bin/env python3
|
|
# -*- coding: utf-8 -*-
|
|
"""删除 /www/wwwroot/self 下发现的 xmrig 挖矿病毒"""
|
|
import os
|
|
import sys
|
|
try:
|
|
import paramiko
|
|
except ImportError:
|
|
print("pip install paramiko"); sys.exit(1)
|
|
|
|
def get_cfg():
|
|
try:
|
|
import importlib.util
|
|
spec = importlib.util.spec_from_file_location("m", os.path.join(os.path.dirname(__file__), "master.py"))
|
|
mod = importlib.util.module_from_spec(spec)
|
|
spec.loader.exec_module(mod)
|
|
c = mod.get_cfg()
|
|
return {"host": c["host"], "user": c.get("user","root"), "password": c.get("password",""), "port": 22022}
|
|
except Exception:
|
|
return {}
|
|
|
|
cfg = get_cfg()
|
|
if not cfg.get("host"):
|
|
print("配置失败"); sys.exit(1)
|
|
|
|
c = paramiko.SSHClient()
|
|
c.set_missing_host_key_policy(paramiko.AutoAddPolicy())
|
|
c.connect(cfg["host"], port=cfg["port"], username=cfg["user"], password=cfg["password"], timeout=15)
|
|
|
|
target = "/www/wwwroot/self/wanzhi/tongzhi/xmrig-6.24.0"
|
|
print("删除挖矿病毒: %s" % target)
|
|
stdin, stdout, stderr = c.exec_command("rm -rf %s 2>&1" % target, timeout=30)
|
|
out = stdout.read().decode("utf-8","replace").strip()
|
|
err = stderr.read().decode("utf-8","replace").strip()
|
|
if out: print(out)
|
|
if err: print("stderr:", err)
|
|
|
|
# 验证已删除
|
|
stdin, stdout, stderr = c.exec_command("ls -la %s 2>&1" % target, timeout=5)
|
|
check = stdout.read().decode("utf-8","replace").strip()
|
|
if "No such file" in check or "cannot access" in check:
|
|
print("\n[成功] xmrig 病毒目录已删除")
|
|
else:
|
|
print("\n[警告] 删除可能失败:", check[:100])
|
|
|
|
c.close()
|