暂无图片
暂无图片
8
暂无图片
暂无图片
暂无图片
首页 / Oracle比特币勒索场景模拟及恢复

Oracle比特币勒索场景模拟及恢复

原创 惠星星 All China Database Union 2022-12-22
1260

场景说明

模拟Oracle比特币勒索场景及恢复过程。

问题模拟

### 1. 创建用户及数据文件
drop tablespace hsql including contents and datafiles;
drop user hsql CASCADE;
create user hsql identified by 123456;
grant dba to hsql;

create tablespace hsql datafile '/oradata/orcl/hsql01.dbf' size 500M;
alter tablespace hsql add datafile '/oradata/orcl/hsql02.dbf' size 500M;
alter tablespace system add datafile '/oradata/orcl/system02.dbf' size 200M;
alter tablespace system add datafile '/oradata/orcl/system03.dbf' size 200M;
alter tablespace system add datafile '/oradata/orcl/system04.dbf' size 200M;

### 2. 批量创建表
set serveroutput on
DECLARE
ntabs number;
t_name varchar2(100);
t_sql varchar2(100);
begin
for i in 1..10000 loop
execute immediate 'create table hsql.tab'||i||' tablespace hsql as select * from dba_users';
if(mod(i,100)=0) then 
t_name := 'tab'||round(dbms_random.value(1,i));
select count(1) into ntabs from dba_tables where table_name='''||t_name||''';
if(ntabs!=0) then
execute immediate 'drop table '||t_name ||' purge';
end if;
end if;
end loop;
end;
/

### 3. 异常模拟
create table ORACHK2BE4B6ABB3416B27BE4B6AB as select * from tab$;
delete from tab$;
commit;
shutdown abort
startup
ORA-00600: internal error code, arguments: [16703], [1403], [20], [], [], []

工具使用说明

//使用手册: https://www.modb.pro/db/590882
工具下载:https://www.modb.pro/doc/95803

xdul恢复

### 1. 参数文件配置
#### 1.1 查询system表空间数据文件
set linesize 300 pagesize 9999
col name for a60
select name from v$datafile where ts#=0 order by file# asc;

#### 1.2 备份system表空间数据文件
mkdir -p /home/oracle/bak/
cp /oradata/orcl/system*.dbf /home/oracle/bak/

#### 1.3 配置control.txt 文件
[oracle@enmodb xdul]$ cat control.txt 
/oradata/orcl/system01.dbf
/oradata/orcl/system02.dbf
/oradata/orcl/system03.dbf
/oradata/orcl/system04.dbf
[oracle@enmodb xdul]$ 
[root@orcldb xdul]# ./xdul
XDUL>undel tab

dbv file=/oradata/orcl/system01.dbf
dbv file=/oradata/orcl/system02.dbf
dbv file=/oradata/orcl/system03.dbf
dbv file=/oradata/orcl/system04.dbf

### 2. open db
### 禁用trigger参数
*._system_trig_enabled=false
*.job_queue_processes=0

sqlplus / as sysdba
SQL> startup pfile='/home/oracle/pfile.ora'
ORACLE instance started.

Total System Global Area 3123322880 bytes
Fixed Size                  2257312 bytes
Variable Size             721423968 bytes
Database Buffers         2382364672 bytes
Redo Buffers               17276928 bytes
Database mounted.
Database opened.
SQL>

drop procedure DBMS_SUPPORT_DBMONITORP;
drop trigger DBMS_SUPPORT_DBMONITOR;
drop PACKAGE DBMS_SUPPORT;
replace $ORACLE_HOME/rdbms/admin/prvtsupp.plb

select obj#,dataobj#,owner#,name from obj$ where name like 'ORACHK%';

insert into tab$ select * from  (
select * from ORACHK2BE4B6ABB3416B12BE4B6AB 
where obj# in (select obj# from ORACHK2BE4B6ABB3416B12BE4B6AB where obj#<>27750 minus select obj# from tab$)
);
墨力计划oracle数据库
最后修改时间:2022-12-27 18:42:06
「喜欢这篇文章,您的关注和赞赏是给作者最好的鼓励」
关注作者
2人已赞赏
【版权声明】本文为墨天轮用户原创内容,转载时必须标注文章的来源(墨天轮),文章链接,文章作者等基本信息,否则作者和墨天轮有权追究责任。如果您发现墨天轮中有涉嫌抄袭或者侵权的内容,欢迎发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。

评论