Ping a Specific Port

Question

haemse

Asked: 2016-09-15 11:22:14 +0800 CST2016-09-15 11:22:14 +0800 CST 2016-09-15 11:22:14 +0800 CST

WP in docker container hacked - Server sends Phishing mails - disable container from other OS with the server volume mounted?

772

Wordpress that has not been updated in a docker container on a vServer has probably been hacked since the provider notified me about the server sending phishing mails and deactivated my machine.

Now they let me run a rescue linux from where I can mount the former server SSD. Can anyone tell me how to prevent the specific container from running when the original OS is powered up again? Cause obviously I can't call the docker daemon to set any parameters ...

1 Answers

Voted

BMitch · Answer 1 · 2016-09-15T12:19:02+08:00

Best Answer

BMitch

2016-09-15T12:19:02+08:002016-09-15T12:19:02+08:00

The manual solution would be to delete or move /var/lib/docker/containers. Inside of each sub-folder will be a config.v2.json and hostconfig.json which you may be able adjust by hand, particularly the entry in hostconfig.json for:

"RestartPolicy":{"Name":"always","MaximumRetryCount":0}

which you can try changing to:

"RestartPolicy":{"Name":"","MaximumRetryCount":0}

You can also simply disable the Docker service, depending on how that is launched.

1

WP in docker container hacked - Server sends Phishing mails - disable container from other OS with the server volume mounted?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?