mirrors.oneinstack.com 国内完整包 含恶意代码 #511
Comments
|
oneinstack彻底废了 |
|
以后手动配吧 |
|
今年的第二次了 #487 |
|
服务器被挂马原因正在排查中,请各位用户检查完整包MD5。 |
|
mirrors.oneinstack.com 在海外全部空解析了 |
|
@oneinstack |
|
很显然作者也参与其中,你说服务器被黑了可以信,但是域名备案所有权都改了,这个真没得洗,黑客还要具备shell知识,把包里的代码更改以后,再重新打包。 |
金华市矜贵网络科技有限公司收购现有的几个面板以及安装包主要是为了布局类似宝塔的产品。想依赖oneinstack打开知名度。公司作为项目的投资商。协商的协议为公司为项目提供开发资金,并提供所有服务器资源。但是项目的管理权限以及运维权限都在我手中。目前各位开发者的精力主要是进行新的面板开发,对于出现本次被挂马事故主要原因在于我们没有对项目进行及时的管理。后续会加强安全措施。杜绝该问题的出现 |
近期会对下载源进行更新,以及提供镜像制作的方案 |
能做到这样挂马的只有一类人,那就是对 oneinstack 域名 DNS 和主站有管理权限的人。既然您自称手里还有权限,那么挂马的也就只有您本人。没有第三人能做到这样,因为这根本不是服务器漏洞之流的问题。 而且,您有权限,金华市矜贵网络科技是不是也有权限?光明正大违法犯罪,也是佩服你们蛇鼠一窝的勇气。 另外,Oneinstack.com 现在海外空解析又为哪样? |
|
典型的供应链攻击 |
|
以后还是手动配吧。。。 |
|
从域名我看出来了,这就是一波SEO |
|
我用oneinstack已经很多年了,也跟朋友一直推荐oneinstack,早在几年前我就赞助过oneinstack,虽然不多,百十块钱 但是这次事件让人觉得很诡异,之前5月份已经出现过一次挂马事件了 这次oneinstack和LNMP同时被挂,并且两个挂马的域名同时注册oneinstack.club和lnmp.site 注册时间为2023-08-28 21:43 很难不让人联想,同时两个项目被收购,同时被挂马 并且这家公司运营有一个盗版Mac 软件网站,实在让人之后无法安心的使用oneinstack 一家本身就是做软件的公司,运营一个盗版软件网站,公然侵犯别人的版权 拿什么让我相信这家公司的产品? |
|
呵呵,再问下去,估计借口都找不到了 |
|
向中国网安报警,严查贵州这家公司,同时向公安举报作者参与计算机犯罪的事实并提供相关证据。 |
|
有大佬fork版本 重新维护干净的吗? |
直接git下载仓库,所有的包都从官网链接下载就行了,但是会有一个问题就是有些安装包国内下载会非常慢 |
|
LNMP、Oneinstack 这些主流的脚本同时期被收购,陆续出现挂马问题。应该要报警处理了 |
|
确实给我们老用户很多的不安全隐患担忧 |
|
你妈的 你自己搞的后门吧 你装你妈 直接almalinux yum |
|
金华市矜贵网络科技有限公司 成立于2023年02月08日 陆续拥有了 突然想起了 dedecms ,也就是织梦那个建站论坛 不由得感叹,这是要开始整合,收纳,向收费进攻了 以前那种百花齐芳,看来也只是弹指一挥间不复存在了 |
|
我对高集成度的网页面板没有任何兴趣,oneinstack是我认为最方便的脚本,既能省去安装的麻烦,也能给我留下足够的自定义修改的空间。 既然作者还在添加安全性更改 d777754,那建议尽快放出 mirror.oneinstack.com 的自建方法。如果我没有理解错,只需要将 mirror_link 一值更改,就可以将安装和升级用的源全部替换为自定义源 |
|
|
|
|
|
没啥可狡辩的了 oneinstack不能用了 |
兄弟,可以分享一下“osk.jpg"吗,或者给个样本的MD5,现在访问不到了,想看看干了什么 |
我访问过这个图片,但是没有下载保存,不知道chrome的缓存里还能不能找到这个文件 |
哈哈,兄弟找一找,要是找到的话分享下,谢谢啦 |
|
同捐过款,因为确实节省了不少时间,可惜。 |
卖都卖了,为了钱这点算啥事?没多久就淡化了,你们还在继续骂,钱人赚着潇洒。现在不都这样吗?只要钱赚到了凉了又咋的。 |
虽然这里是 GitHub,但我要提一嘴 “互联网不是法外之地”。 另外,这些作者,和收购的公司,都在中国吧。 点赞!!! |
请问是只需要把options.conf里面的:mirror_link=http://mirrors.oneinstack.com |
我擦呢,好没安全感了怎么办,这个mirror_link能换成啥,有没有大厂弄个镜像啥的啊。 |
|
搜索了一下,应该是直接换options.conf中的mirror_link就行了,只是没有可信的源啊。 ➜ oneinstack git:(main) ✗ grep -r "mirror_link" .
./vhost.sh: [ ! -e acme.sh-master.tar.gz ] && wget -qc ${mirror_link}/oneinstack/src/acme.sh-master.tar.gz
./options.conf:mirror_link=http://mirrors.oneinstack.com
./install.sh: latest_oneinStack_md5=$(curl --connect-timeout 3 -m 5 -s ${mirror_link}/md5sum.txt | grep ${oneinstack_tgz} | awk '{print $1}')
./install.sh: echo "${CFAILURE}Error: The md5 value of the installation package does not match the official website, please download again, url: ${mirror_link}/${oneinstack_tgz}${CEND}"
./include/demo.sh: src_url=${mirror_link}/oneinstack/src/xprober.php && Download_src
./include/demo.sh: src_url=${mirror_link}/oneinstack/src/ocp.php && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/icu4c-${icu4c_ver}-src.tgz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/jemalloc-${jemalloc_ver}.tar.bz2 && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/tengine-${tengine_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/apache/httpd/nghttp2-${nghttp2_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/apache/tomcat/v${tomcat10_ver}/apache-tomcat-${tomcat10_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/apache/tomcat/v${tomcat9_ver}/apache-tomcat-${tomcat9_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/apache/tomcat/v${tomcat8_ver}/apache-tomcat-${tomcat8_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/apache/tomcat/v${tomcat7_ver}/apache-tomcat-${tomcat7_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/apache/tomcat/v${tomcat7_ver}/catalina-jmx-remote.jar && Download_src
./include/check_download.sh: [ "${OUTIP_STATE}"x == "China"x ] && DOWN_ADDR_BOOST=${mirror_link}/oneinstack/src || DOWN_ADDR_BOOST=https://downloads.sourceforge.net/project/boost/boost/${boost_ver}
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/mysql-5.5-fix-arm-client_plugin.patch && Download_src
./include/check_download.sh: DOWN_ADDR_PERCONA=${mirror_link}/oneinstack/src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/${FILE_NAME}.md5sum && Download_src
./include/check_download.sh: [ -z "${PERCONA_TAR_MD5}" ] && PERCONA_TAR_MD5=$(curl -s ${mirror_link}/oneinstack/src/${FILE_NAME}.md5sum | grep ${FILE_NAME} | awk '{print $1}')
./include/check_download.sh: DOWN_ADDR_PERCONA=${mirror_link}/oneinstack/src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/${FILE_NAME}.md5sum && Download_src
./include/check_download.sh: [ -z "${PERCONA_TAR_MD5}" ] && PERCONA_TAR_MD5=$(curl -s ${mirror_link}/oneinstack/src/${FILE_NAME}.md5sum | grep ${FILE_NAME} | awk '{print $1}')
./include/check_download.sh: DOWN_ADDR_PERCONA=${mirror_link}/oneinstack/src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/${FILE_NAME}.md5sum && Download_src
./include/check_download.sh: [ -z "${PERCONA_TAR_MD5}" ] && PERCONA_TAR_MD5=$(curl -s ${mirror_link}/oneinstack/src/${FILE_NAME}.md5sum | grep ${FILE_NAME} | awk '{print $1}')
./include/check_download.sh: DOWN_ADDR_PERCONA=${mirror_link}/oneinstack/src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/${FILE_NAME}.md5sum && Download_src
./include/check_download.sh: [ -z "${PERCONA_TAR_MD5}" ] && PERCONA_TAR_MD5=$(curl -s ${mirror_link}/oneinstack/src/${FILE_NAME}.md5sum | grep ${FILE_NAME} | awk '{print $1}')
./include/check_download.sh: DOWN_ADDR_MongoDB=${mirror_link}/oneinstack/src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/libiconv-${libiconv_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/freetype-${freetype_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/debian_patches_disable_SSLv2_for_openssl_1_0_0.patch && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/php5.3patch && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/fpm-race-condition.patch && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/fpm-race-condition.patch && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/fpm-race-condition.patch && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/argon2-${argon2_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/libsodium-${libsodium_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/argon2-${argon2_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/libsodium-${libsodium_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/argon2-${argon2_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/libsodium-${libsodium_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/libzip-${libzip_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/argon2-${argon2_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/libsodium-${libsodium_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/libzip-${libzip_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/argon2-${argon2_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/libsodium-${libsodium_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/libzip-${libzip_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/argon2-${argon2_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/libsodium-${libsodium_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/libzip-${libzip_ver}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/zend-loader-php5.6-linux-x86_64.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/zend-loader-php5.5-linux-x86_64.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/ZendGuardLoader-70429-PHP-5.4-linux-glibc23-x86_64.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/ZendGuardLoader-php-5.3-linux-glibc23-x86_64.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/loaders.linux-${ARCH}.tar.gz && Download_src
./include/check_download.sh: src_url=${mirror_link}/oneinstack/src/ImageMagick-${imagemagick_ver}.tar.gz && Download_src
./include/check_download.sh: [ "${OUTIP_STATE}"x == "China"x ] && DOWN_ADDR=${mirror_link}/oneinstack/src || DOWN_ADDR=http://www.memcached.org/files
./include/pecl_xdebug.sh: src_url=${mirror_link}/oneinstack/src/webgrind-master.zip && Download_src
./include/pecl_phalcon.sh: src_url=${mirror_link}/oneinstack/src/cphalcon-${phalcon_oldver}.tar.gz && Download_src
./include/upgrade_web.sh: src_url=${mirror_link}/oneinstack/src/pcre-${pcre_ver}.tar.gz && Download_src
./include/upgrade_web.sh: src_url=${mirror_link}/oneinstack/src/ngx_devel_kit.tar.gz && Download_src
./include/upgrade_web.sh: src_url=${mirror_link}/oneinstack/src/lua-nginx-module-${lua_nginx_module_ver}.tar.gz && Download_src
./include/upgrade_web.sh: src_url=${mirror_link}/oneinstack/src/luajit2-${luajit2_ver}.tar.gz && Download_src
./include/upgrade_web.sh: src_url=${mirror_link}/oneinstack/src/lua-resty-core-${lua_resty_core_ver}.tar.gz && Download_src
./include/upgrade_web.sh: src_url=${mirror_link}/oneinstack/src/lua-resty-lrucache-${lua_resty_lrucache_ver}.tar.gz && Download_src
./include/upgrade_web.sh: src_url=${mirror_link}/oneinstack/src/pcre-${pcre_ver}.tar.gz && Download_src
./include/upgrade_web.sh: src_url=${mirror_link}/oneinstack/src/pcre-${pcre_ver}.tar.gz && Download_src
./include/upgrade_web.sh: src_url=${mirror_link}/apache/tomcat/v${NEW_tomcat_ver}/apache-tomcat-${NEW_tomcat_ver}.tar.gz && Download_src
./include/upgrade_web.sh: src_url=${mirror_link}/apache/tomcat/v${NEW_tomcat_ver}/catalina-jmx-remote.jar && Download_src
./include/upgrade_memcached.sh: [ "${OUTIP_STATE}"x == "China"x ] && DOWN_ADDR=${mirror_link}/oneinstack/src || DOWN_ADDR=http://www.memcached.org/files
./include/fail2ban.sh: src_url=${mirror_link}/oneinstack/src/fail2ban-${fail2ban_ver}.tar.gz && Download_src
./include/upgrade_php.sh: src_url=${mirror_link}/oneinstack/src/fpm-race-condition.patch && Download_src
./include/upgrade_oneinstack.sh: Latest_OneinStack_MD5=$(curl --connect-timeout 3 -m 5 -s ${mirror_link}/md5sum.txt | grep oneinstack.tar.gz | awk '{print $1}')
./include/upgrade_oneinstack.sh: wget --no-check-certificate -qc ${mirror_link}/oneinstack.tar.gz -O /tmp/oneinstack.tar.gz
./include/upgrade_oneinstack.sh: wget -qc ${mirror_link}/scripts/change_jdk_version.sh
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/luajit2-${luajit2_ver}.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/lua-resty-core-${lua_resty_core_ver}.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/lua-resty-lrucache-${lua_resty_lrucache_ver}.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/lua-cjson-${lua_cjson_ver}.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/pcre-${pcre_ver}.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/ngx_devel_kit.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/lua-nginx-module-${lua_nginx_module_ver}.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/luajit2-${luajit2_ver}.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/lua-cjson-${lua_cjson_ver}.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/pcre-${pcre_ver}.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/ngx_devel_kit.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/lua-nginx-module.tar.gz && Download_src
./include/ngx_lua_waf.sh: src_url=${mirror_link}/oneinstack/src/ngx_lua_waf.tar.gz && Download_src
./backup_setup.sh: wget -qc ${mirror_link}/oneinstack/src/dbxcli-linux-arm -O /usr/local/bin/dbxcli
./backup_setup.sh: wget -qc ${mirror_link}/oneinstack/src/dbxcli-linux-amd64 -O /usr/local/bin/dbxcli |
他这个镜像是自己自建的,不是公共的源,你用到哪些软件包直接自己从官网下载就行了,另外有些软件的包不是官网直接下来就能用的,需要自己改命名 |
照你这么说,开源社区的所有东西都可以投毒???那你还用LINUX干嘛? |
已验顶针,鉴定为sb |
行了,你赶紧把GITHUB账号注销掉吧,跟你吵架是我的错。不跟傻逼论长短。 |
什么时候 把镜像 源 分享一下吧,不管是自建。还是还是手搓,这样大家都简单一点。 |
别TM吵吵,老实点,草泥马的臭傻逼 |
哈哈哈哈笑死了,你中午有起床气?叫个不停 |
别叫!老实点! |
再叫给你栓门口! |
|
@oneinstack @hifocus 建议关闭这个issues 毫无意义的互喷 |
|
@oneinstack @hifocus 建议关闭这个issues 毫无意义的互喷 |
别叫!再叫一口骨头不给你留! |
|
@oneinstack @hifocus 建议关闭这个issues 毫无意义的互喷 |
说了别叫!老实点! |
放松,别叫 |
乖啦,你看现在多乖了,不叫了 |
我只不过说了一句话,你反应那么大干啥呢,每天万把块入账,V我一万看看实力? |
|
怎么老实了哈哈哈哈哈 |
在忙? |
and others
如何复现
mirrors.oneinstack.comCNAME 到seo-one-01.xnsksstack.com,这个域名 DNS 为 DNSPod,国内解析为 CNAMEmirrors.oneinstack.com.w.cdngslb.com.阿里云 CDN(含恶意代码),海外解析为 A47.251.13.6阿里云美国单点结果(pcre-8.45/configure 第 6883 行):
验证 MD5:
The text was updated successfully, but these errors were encountered: