PHP测试MySQL数据库连接是否正常

$db_host = "数据库地址";
$db_user = "数据库用户名";
$db_pwd = "数据库密码";
$db_name = "数据库名";
$db_prefix = "数据库表前缀";
$link = @mysql_connect($db_host, $db_user, $db_pwd);
if(!$link){
exit("mysql connect failed");
}
else{
echo "mysql connect success";
}
if(!mysql_select_db($db_name, $link)){
exit("database ".$db_name." connct failed");
}
else{
echo "database ".$db_name." connect success";
}
$sql = "Select * from 某个表";
$result = mysql_query($sql);
echo $result;
while($row = mysql_fetch_row($result))
print_r($row);

IIS网站ftp用户磁盘配额查看与修改

查看磁盘配额比较简单,进入网站所在磁盘,然后右键——选择属性——配额——之后会列出所有ftp用户的空间配额,我们便可以查看和修改

有时候会遇到用户较多列出ftp用户名很慢的情况,这个时候可以通过查询用户sid来定位,

如下图可以看到登录名只列出了sid,列出ftp用户名较慢

 

这个时候我们可以通过下面的命令来查询对应用户的磁盘配额

fsutil.exe quota query D: > 1.txt

打开1.txt然后搜索对应用户名即可找到对应的配额,

有时候我们想在上面配额中进行修改,但是ftp显示的慢,我们可以通过sid来定位用户

wmic useraccount get name,sid |findstr ftp用户名

举个例子查看Guest的sid

查找到对应的sid以后,对配额那个进行下排序,即可很快找到对应的用户

TeamTNT挖矿木马变种再袭

最近遇到TeamTNT挖矿木马,新建了hilde用户,top ps等命令被修改,挖矿进程被隐藏,这里有一篇详细的分析文章,写得很好,放此收藏

TeamTNT挖矿木马变种再袭,影响上千云主机,应用腾讯云SOC可轻松处置 (qq.com)

特点:

(1)在清除竞品挖矿进程后,使用带有“TeamTNT is watching you!”字样的LOCKFILE字符串覆盖相关进程的源文件;
(2)通过计划任务、系统服务、用户profile文件等多种方式进行持久化;
(3)篡改系统ps、top、pstree等命令,隐藏自身木马进程;
(4)篡改系统与重启相关的命令和服务,防止用户重启主机;
(5)改用Redis未授权访问漏洞对云服务器进行横向攻击传播

挖矿木马相关地址:

DOMAIN:
oracle.zzhreceive.top
xmr-asia1.nanopool.org (矿池)
gulf.moneroocean.stream(矿池)
donate.v2.xmrig.com(矿池)

MD5:
bf68dfba47df6c6023ce82686ce68429
58426b3626aea9d1f96c7b8d18ac5ad0
38ba92aafbe6e0f8917eef0eebb624a8
94a3ea919da87035eae05403c00782fd

URL:
hxxp://oracle.zzhreceive.top/b2f628/idcheck/
hxxp://oracle.zzhreceive.top/b2f628/cryptostart
hxxp://oracle.zzhreceive.top/b2f628/cryptonotfount
hxxp://oracle.zzhreceive.top/b2f628/authfailed
hxxp://oracle.zzhreceive.top/b2f628/authok
hxxp://oracle.zzhreceive.top/b2f628/authfailedroot
hxxp://oracle.zzhreceive.top/b2f628/authokroot
hxxp://85.214.149.236:443/sugarcrm/themes/
default/images/mod.jpg
hxxp://85.214.149.236:443/sugarcrm/themes/
default/images/stock.jpg
hxxps://github.com/xmrig/xmrig/releases/
download/v6.10.0/xmrig-6.10.0-linux-static-x64.tar.gz
hxxp://oracle.zzhreceive.top/b2f628/b.sh
hxxp://oracle.zzhreceive.top/b2f628/father.jpg
hxxp://oracle.zzhreceive.top/b2f628/cf.jpg
hxxp://oracle.zzhreceive.top/b2f628/cf.jpg
hxxp://oracle.zzhreceive.top/
b2f628fff19fda999999999/b.sh
hxxp://oracle.zzhreceive.top/
b2f628fff19fda999999999/iss.sh
hxxp://oracle.zzhreceive.top/
b2f628fff19fda999999999/1.0.4.tar.gz
hxxp://oracle.zzhreceive.top/b2f628/p.tar
hxxp://oracle.zzhreceive.top/b2f628/scan
hxxp://oracle.zzhreceive.top/b2f628/rss.sh

钱包地址:
43Xbgtym2GZWBk87XiYbCpTKGPBTxYZZW
i44SWrkqqvzPZV6Pfmjv3UHR6FDwvPgePJyv9
N5PepeajfmKp1X71EW7jx4Tpz.pokemon6

简单的ping监控主机存活并发送钉钉告警shell脚本

一个简单的需求,通过shell脚本用ping监控主机,5分钟ping一次,发现ping不通的主机就发消息到钉钉上面

两个文件一个check.sh,一个ip.txt

ip.txt一行一个IP,

Linux添加计划任务,5分钟执行一次

crontab -e
添加 */5 * * * * /root/dingtalk/check.sh

check.sh代码,加粗的地方为要修改的

#!/bin/bash
date=`date +"%m月%d日%H时%M分%S秒"`
dingtalkapi="https://oapi.dingtalk.com/robot/send?access_token=xxxxx"

logfile="/root/dingtalk/ping.log"

function dingtalk(){
    curl "$dingtalkapi" -H 'Content-Type: application/json; charset=UTF-8' -d "{\"msgtype\": \"text\",\"text\": { \"content\":\" ---!注意 !丢包率$per %---
    $1 速度 $avg ms
    $date \" }}"
}

for i in `cat /root/dingtalk/ip.txt`;
do
    IP=`echo $i |awk '{print $1}'`
    des=`echo $i|awk '{print $2}'`
    date=`date +"%m月%d日%H时%M分%S秒"`
    ping -w 5 -i 0.2 -c 10 $IP > $logfile
    per=`awk '/loss/{printf("%2d", $6)}' $logfile`
    avg=`awk '/avg/{print $5}' $logfile`

    if [ $per -qt 30 ] ; then
        dingtalk $IP
    fi
done

代码截图

下载代码dingtalk

 

卸载腾讯云(/轻量)云服务器监控软件

有时候需要卸载腾讯云的一些安全检测软件,可以使用如下命令进行卸载,

注意,会导致面板监控不到一些服务器的性能信息

依次复制下面命令执行

/usr/local/qcloud/stargate/admin/uninstall.sh
/usr/local/qcloud/YunJing/uninst.sh
/usr/local/qcloud/monitor/barad/admin/uninstall.sh
cd /usr/local/ && rm -rf sa

 

powershell批量获取远程服务器hperv虚拟机磁盘信息

比如获取远程服务器的hyperv虚拟机的磁盘路径,

把远程主机名添加到servername,循环读取

Foreach ($servername in Get-Content servername.txt ){
Write-Host -------------- $servername -----------------------
write-host --------------------------------------------------
$Session = New-PSSession -ComputerName $servername
Enter-PSSession -Session $Session -Verbose
Invoke-Command -Session $Session -ScriptBlock{
Foreach ($vmname in (Get-VM).Name){
Write-Host $vmname (Get-VM -Name $vmname).State (Get-VMHardDiskDrive -VMName $vmname).Path}
exit
}
Remove-PSSession -id (Get-PSSession).Id
write-host --------------------------------------------------
}

USB启动盘制作工具balenaEtcher

分享一个制作USB启动盘的工具,balenaEtcher

balena-io/etcher: Flash OS images to SD cards & USB drives, 

Debian and Ubuntu based Package Repository (GNU/Linux x86/x64)

      1. Add Etcher Debian repository:

        curl -1sLf \
           'https://dl.cloudsmith.io/public/balena/etcher/setup.deb.sh' \
           | sudo -E bash
      2. Update and install:

        sudo apt-get update
        sudo apt-get install balena-etcher-electron

YUM

      1. Add Etcher rpm repository:

        curl -1sLf \
           'https://dl.cloudsmith.io/public/balena/etcher/setup.rpm.sh' \
           | sudo -E bash
      2. Update and install:

        sudo yum install -y balena-etcher-electron

其他系统可以参考github项目地址,