-
加我微信(17813235971)
加我QQ(107644445)
标签云
asm恢复 bbed bootstrap$ dul In Memory kcbzib_kcrsds_1 kccpb_sanity_check_2 MySQL恢复 ORA-00312 ORA-00607 ORA-00704 ORA-00742 ORA-01110 ORA-01555 ORA-01578 ORA-01595 ORA-08103 ORA-600 2131 ORA-600 2662 ORA-600 3020 ORA-600 4000 ORA-600 4137 ORA-600 4193 ORA-600 4194 ORA-600 16703 ORA-600 kcbzib_kcrsds_1 ORA-600 KCLCHKBLK_4 ORA-15042 ORA-15196 ORACLE 12C oracle dul ORACLE PATCH Oracle Recovery Tools oracle加密恢复 oracle勒索 oracle勒索恢复 oracle异常恢复 Oracle 恢复 ORACLE恢复 ORACLE数据库恢复 oracle 比特币 OSD-04016 YOUR FILES ARE ENCRYPTED 勒索恢复 比特币加密文章分类
- Others (2)
- 中间件 (2)
- WebLogic (2)
- 操作系统 (103)
- 数据库 (1,765)
- DB2 (22)
- MySQL (77)
- Oracle (1,606)
- Data Guard (52)
- EXADATA (8)
- GoldenGate (24)
- ORA-xxxxx (166)
- ORACLE 12C (72)
- ORACLE 18C (6)
- ORACLE 19C (15)
- ORACLE 21C (3)
- Oracle 23ai (8)
- Oracle ASM (69)
- Oracle Bug (8)
- Oracle RAC (54)
- Oracle 安全 (6)
- Oracle 开发 (28)
- Oracle 监听 (29)
- Oracle备份恢复 (588)
- Oracle安装升级 (97)
- Oracle性能优化 (62)
- 专题索引 (5)
- 勒索恢复 (86)
- PostgreSQL (30)
- pdu工具 (6)
- PostgreSQL恢复 (9)
- SQL Server (32)
- SQL Server恢复 (13)
- TimesTen (7)
- 达梦数据库 (3)
- 达梦恢复 (1)
- 生活娱乐 (2)
- 至理名言 (11)
- 虚拟化 (2)
- VMware (2)
- 软件开发 (39)
- Asp.Net (9)
- JavaScript (12)
- PHP (2)
- 小工具 (22)
-
最近发表
- tcp连接过多导致监听TNS-12532 TNS-12560 TNS-00502错误
- 文件系统格式化MySQL数据库恢复
- .sstop勒索加密数据库恢复
- 解决一次硬件恢复之后数据文件0kb的故障恢复case
- Error in invoking target ‘libasmclntsh19.ohso libasmperl19.ohso client_sharedlib’问题处理
- ORA-01171: datafile N going offline due to error advancing checkpoint
- linux环境oracle数据库被文件系统勒索加密为.babyk扩展名溯源
- ORA-600 ksvworkmsgalloc: bad reaper
- ORA-600 krccfl_chunk故障处理
- Oracle Recovery Tools恢复案例总结—202505
- ORA-600 kddummy_blkchk 数据库循环重启
- 记录一次asm disk加入到vg通过恢复直接open库的案例
- CHECKDB 发现了 N 个分配错误和 M 个一致性错误
- 达梦数据库dm.ctl文件异常恢复
- Oracle Recovery Tools修复ORA-00742、ORA-600 ktbair2: illegal inheritance故障
- 可能是 tempdb 空间用尽或某个系统表不一致故障处理
- 11.2.0.4库中遇到ORA-600 kcratr_nab_less_than_odr报错
- [MY-013183] [InnoDB] Assertion failure故障处理
- Oracle 19c 202504补丁(RUs+OJVM)-19.27
- Oracle Recovery Tools修复ORA-600 6101/kdxlin:psno out of range故障
年归档:2022
.babyk加密数据库恢复
有朋友找到我们,oracle数据库所在机器文件被加密(扩展名为:.babyk),咨询我们是否可以恢复
How To Restore Your Files.txt文件内容为:
What Happened to My Computer? Your important files are encrypted. Many of your documents, photos, videos, databases and other files are no longer accessible because they have been encrypted. Maybe you are busy looking for a way to recover your files, but do not waste your time. Nobody can recover your files without Can I Recover My Files? Sure. We guarantee that you can recover all your files safely and easily. But you have not so enough time.if you want to decrypt all your files, you need to pay. You only have 3 days to submit the payment. After that the price will be doubled. Also, if you don't pay in 7 days, you won't be able to recover your files forever. How Do I Pay? Payment is accepted in Monero only. If you don’t know what Monero is, please Google for information on how to buy and pay for Monero. Send $10000 worth of monero to this address: 88D7gE1jUbmPBjdFsvR8FugHA4ZZY9H6NHy9ZkWec7c4iYiATW5cpuAYoRbBq2ePoFeBgpzZunGLXgCTPmAfDU8V1qZmgUv ID:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx After the payment is completed, please send the payment picture and ID to sdfca4s654asd@protonmail.com. After we confirm your payment amount, we will reply to the decryption program to your email address. Warning: Don't try to decrypt by yourself, you may permanently damage your files.
通过检测文件损坏情况
基本上可以确认该加密方式为间隔加密,每10MB间隔加密1MB,对于这种情况,通过底层技术处理,可以把90%左右的数据正常恢复出来,最大限度减少数据损失.如果遇到此类勒索加密,可以联系我们进行核心数据恢复
电话/微信:17813235971 Q Q:107644445
E-Mail:dba@xifenfei.com
.mallox加密数据库恢复
有客户数据库被加密,扩展名为:.mallox,对应的RECOVERY INFORMATION.txt文件信息
被加密数据文件情况
有oracle数据库的.dbf.mallox,sql server数据库的.mdf.mallox和.bak.mallox,通过底层分析,确认损坏的block不多
通过数据库层面技术处理,实现数据恢复
系统安全防护措施建议:
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。
9.保存良好的备份习惯,尽量做到每日备份,异地备份。
ORA-600 6807恢复
有朋友找到我,反馈说数据库登录报ORA-600 6807错误,希望我们给予解决
对于该错误有过一定的了解,一般是seq问题,这里报错比较明显是由于audses$序列出现问题导致数据库无法正常登录(因为数据库启动了审计,在登录之时会触发insert aud$操作,这个操作包含了audses$这个序列的调用,在调用这个序列的时候出现问题从而引起该问题),对其system数据文件dbv检查
比较明显有一个block被标记为坏块,通过对该block进行分析,确认刚好是seq$对象
DUL> rdba 4195465
rdba : 0x00400489=4195465
rfile# : 1
block# : 1161
DUL> desc sys.seq$
Object ID:100
Storage(Obj#=100 DataObj#=100 TS#=0 File#=1 Block#=1160 Cluster=0)
NO. SEG INT Column Name Null? Type
--- --- --- ------------------------------ --------- ------------------------------
1 1 1 OBJ# NOT NULL NUMBER
2 2 2 INCREMENT$ NOT NULL NUMBER
3 3 3 MINVALUE NUMBER
4 4 4 MAXVALUE NUMBER
5 5 5 CYCLE# NOT NULL NUMBER
6 6 6 ORDER$ NOT NULL NUMBER
7 7 7 CACHE NOT NULL NUMBER
8 8 8 HIGHWATER NOT NULL NUMBER
9 9 9 AUDIT$ NOT NULL VARCHAR2(38)
10 10 10 FLAGS NUMBER
11 11 11 PARTCOUNT NUMBER
DUL> dump datafile 1 block 1160
Block Header:
block type=0x10 (data segment header block (unlimited extents))
block format=0xa2 (oracle 10+)
block rdba=0x00400488 (file#=1, block#=1160)
scn=0x0000.001a3fcd, seq=2, tail=0x3fcd1002
block checksum value=0xe280=57984, flag=4
Data Segment Header:
Extent Control Header
-------------------------------------------------------------
Extent Header:: extents: 1 blocks: 7
last map: 0x00000000 #maps: 0 offset: 4128
Highwater:: 0x0040048d (rfile#=1,block#=1165)
ext#: 0 blk#: 4 ext size:7
#blocks in seg. hdr's freelists: 1
#blocks below: 4
mapblk: 0x00000000 offset: 0
Map Header:: next: 0x00000000 #extents: 1 obj#: 100 flag: 0x40000000
Extent Control Header
-------------------------------------------------------------
0x00400489 length: 7
nfl = 1, nfb = 1, typ = 1, nxf = 0, ccnt = 4
SEG LST:: flg: USED lhd: 0x0040048c ltl: 0x0040048c
DUL> rdba 0x00400489
rdba : 0x00400489=4195465
rfile# : 1
block# : 1161
DUL>
通过修复使用我们的Oracle recovery tools小工具,或者参考:校验代码为 6054 坏块故障修复进行修复,然后数据库用户可以正常登录
