勒索病毒症状
数据库被恶意删除
恢复原理
mysql中binlog日志用于记录所有更新了数据或者已经潜在更新了数据的所有语句。语句以“事件”的形式保存,它描述数据更改。当我们因为某种原因导致数据库出现故障时,就可以利用binlog日志来挽回(前提是已经配置好了binlog,wcp自动安装包安装后默认是有binlog文件生成的),通过该方式可以恢复大部分知识数据
数据库恢复脚本
mysql安装目录下的data文件夹中有很多类似mysql-bin.000001这样的文件,数据就是通过这些文件恢复的。恢复前应先把整个data目录(包括全部binlog文件)完整备份,并在隔离的新数据库实例上回放;binlog同样记录了攻击者执行的删除语句,回放时需要在这些语句之前停止,否则数据会被再次删除
package com.farm.tool.db;
import java.io.File;
import java.io.IOException;
import java.sql.DriverManager;
import java.sql.SQLException;
import com.github.shyiko.mysql.binlog.event.Event;
import com.github.shyiko.mysql.binlog.BinaryLogFileReader;
import com.github.shyiko.mysql.binlog.event.deserialization.ChecksumType;
import com.github.shyiko.mysql.binlog.event.deserialization.EventDeserializer;
import com.mysql.jdbc.Connection;
import com.mysql.jdbc.PreparedStatement;
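/**
 * Replays SQL statements recovered from MySQL binlog files into a target database.
 *
 * <p>Each binlog file is read offline, every event whose text mentions one of the
 * application's table prefixes is reduced to its SQL statement, and that statement is
 * executed against the database returned by {@link #getConn()}.
 *
 * <p>NOTE(review): the replay is not selective. A binlog written up to the moment of a
 * malicious deletion also holds the deleting statements, and any of them that mention a
 * matching table name are executed again here. Work on copies of the binlog files, replay
 * into a separate instance, and stop before the destructive statements.
 */
public class ReadBinlog {

    /** Directory that holds the copied binlog files. */
    private static final String BINLOG_DIR = "D:\\test\\data\\";

    /** Numeric suffixes of the first and last binlog file to replay. */
    private static final int FIRST_BINLOG = 1;
    private static final int LAST_BINLOG = 8;

    /** An event is replayed only if its text contains one of these table-name prefixes. */
    private static final String[] TABLE_PREFIXES = {"farm_", "alone_", "wcp_"};

    /** Delimiters of the statement inside the event's textual form. */
    private static final String SQL_START = "sql='";
    private static final String SQL_END = "'}";

    /**
     * Replays the configured range of binlog files in ascending order.
     *
     * @param args unused
     * @throws IOException if a binlog file cannot be opened or read
     */
    public static void main(String[] args) throws IOException {
        for (int n = FIRST_BINLOG; n <= LAST_BINLOG; n++) {
            // Zero-pad to six digits so the name stays correct past file 9; the original
            // two-branch concatenation could never take its "n > 9" branch.
            runBinlog(String.format(java.util.Locale.ROOT, "mysql-bin.%06d", n));
        }
    }

    /**
     * Reads one binlog file and executes every matching statement found in it.
     *
     * <p>A failure on a single event is printed and skipped so that one bad statement does
     * not abort the rest of the file.
     *
     * @param fileName binlog file name relative to the binlog directory
     * @throws IOException if the file cannot be opened or read
     */
    public static void runBinlog(String fileName) throws IOException {
        System.out.println(fileName);
        File binlogFile = new File(BINLOG_DIR + fileName);
        EventDeserializer eventDeserializer = new EventDeserializer();
        // NOTE(review): checksum verification is switched off here; confirm this matches
        // how the source server wrote its binlog.
        eventDeserializer.setChecksumType(ChecksumType.NONE);
        BinaryLogFileReader reader = new BinaryLogFileReader(binlogFile, eventDeserializer);
        int replayed = 0;
        try {
            for (Event event; (event = reader.readEvent()) != null;) {
                try {
                    String sql = extractSql(event.getData());
                    if (sql == null) {
                        continue;
                    }
                    replayed++;
                    System.out.println(fileName);
                    System.out.println(sql);
                    insert(sql);
                } catch (Exception e) {
                    // Best effort: report the failing event and continue with the next one.
                    e.printStackTrace();
                }
            }
        } finally {
            reader.close();
        }
        System.out.println(replayed);
    }

    /**
     * Extracts the SQL statement from an event payload, or returns {@code null} when the
     * payload is absent, mentions none of the table prefixes, or carries no statement.
     *
     * <p>NOTE(review): this parses the payload's {@code toString()} output; a typed accessor
     * on the library's query event, if available, would be less fragile.
     */
    private static String extractSql(Object data) {
        if (data == null) {
            return null;
        }
        String text = data.toString();
        boolean mentionsTable = false;
        for (String prefix : TABLE_PREFIXES) {
            if (text.indexOf(prefix) >= 0) {
                mentionsTable = true;
                break;
            }
        }
        if (!mentionsTable) {
            return null;
        }
        // Anchor on the full "sql='" marker so that another field whose value merely
        // contains the letters "sql" cannot shift the start of the statement.
        int start = text.indexOf(SQL_START);
        int end = text.lastIndexOf(SQL_END);
        if (start < 0 || end < start + SQL_START.length()) {
            return null;
        }
        return text.substring(start + SQL_START.length(), end);
    }

    /**
     * Opens a connection to the database that receives the replayed statements.
     *
     * @return the connection, or {@code null} if the driver is missing or the connection
     *     attempt fails (the cause is printed)
     */
    private static Connection getConn() {
        String driver = "com.mysql.jdbc.Driver";
        String url = "jdbc:mysql://localhost:3399/wcp2";
        // NOTE(review): root/root is hard-coded. For a real restore, use a dedicated account
        // limited to the target schema and keep its password out of the source file.
        String username = "root";
        String password = "root";
        Connection conn = null;
        try {
            Class.forName(driver); // load the JDBC driver through the class loader
            conn = (Connection) DriverManager.getConnection(url, username, password);
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return conn;
    }

    /**
     * Executes one recovered statement on a fresh connection.
     *
     * <p>The statement text comes straight from the binlog and is executed as is, so the
     * binlog files must be trusted copies taken from the affected server.
     *
     * @param sql statement to execute
     * @return the update count, or 0 if no connection was available or execution failed
     */
    private static int insert(String sql) {
        Connection conn = getConn();
        if (conn == null) {
            // getConn() has already printed the cause; avoid a NullPointerException here.
            System.err.println("no database connection; statement skipped");
            return 0;
        }
        try {
            PreparedStatement pstmt = (PreparedStatement) conn.prepareStatement(sql);
            try {
                return pstmt.executeUpdate();
            } finally {
                pstmt.close();
            }
        } catch (SQLException e) {
            e.printStackTrace();
            return 0;
        } finally {
            // Always release the connection, including when the statement fails.
            try {
                conn.close();
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
    }
}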
maven依赖
<!-- Binlog parsing library; supplies BinaryLogFileReader, Event and EventDeserializer. -->
<dependency>
<groupId>com.github.shyiko</groupId>
<artifactId>mysql-binlog-connector-java</artifactId>
<version>0.13.0</version>
</dependency>
<!-- MySQL JDBC driver; supplies com.mysql.jdbc.Driver, Connection and PreparedStatement. -->
<!-- NOTE(review): both versions are pinned as given here; check them against current
     releases and published advisories before running this on a production host. -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.29</version>
</dependency>