Snapd ###!!! [Child][MessageChannel] Error: (msgtype=0x530005,name=PHttpChannel::Msg_Cancel) Closed channel: cannot send/recv

[동우]

https://www.boannews.com/media/view.asp?idx=76964

먼가 했더니 해킹 당한 거라고 하네요. Snapd 이 기능으로 권한 상승 해서 타고 올라 가는 방법인가 봐요 한번 접속 되면 지속연결 방식 같아요.

아직 리눅스 쪽이나 다 모르고 있나 봐요 보안 패치 해도 소용 없음 신종 같은

sudo systemctl stop snapd.service
sudo systemctl disable snapd.servic
sudo systemctl reenable snapd.service
sudo systemctl stop snapd.service
sudo apt-get remove snap
sudo rm -rf /var/cache/snapd/
sudo apt autoremove --purge snapd gnome-software-plugin-snap
sudo rm -fr ~/snap
snap version
snap find aws
snap install aws-cli
snap remove aws-cli
sudo apt autoremove --purge aws-cli
snap stop --disable nextcloud.apache
systemctl status snap.nextcloud.apache
snap logs nextcloud.mysql
snap set nextcloud ports.http=8080

sudo rm -rf /usr/local/aws

sudo rm /usr/local/bin/aws

---

###!!! [Parent][RunMessage] Error: Channel closing: too late to send/recv, messages will be lost

---

tmp-snap.rootfs_gRmpbj.mount: Succeeded.
Window manager warning: Overwriting existing binding of keysym 32 with keysym 32 (keycode b).
Event with type 8 not holding a GdkDevice. It is most likely synthesized outside Gdk/GTK+
(/usr/lib/firefox/firefox:3482): dconf-WARNING **: 01:14:52.846: Unable to open /var/lib/snapd/desktop/dconf/profile/user: 허가 거부
(root) CMD (   cd / && run-parts --report /etc/cron.hourly)
pam_unix(cron:session): session closed for user root
Failed to load module "canberra-gtk-module"

대충의 증상 모습. 내가 명령한 것이 아니라 올라 타는 모습.

여러가지 키를 대입 하더니 -_-;;

---

https://askubuntu.com/questions/870530/how-to-install-geckodriver-in-ubuntu

https://www.softwaretestinghelp.com/grep-command-in-unix/

geckodriver-v0.24.0-linux64.tar.gz

tar -xvzf geckodriver-v[0-9].[0-9][0-9].[0-9]-linux[0-9][0-9].tar.gz

chmod +x geckodriver

sudo cp geckodriver /usr/local/bin

#!/bin/bash

INSTALL_DIR="/usr/local/bin"

json=$(curl -s https://api.github.com/repos/mozilla/geckodriver/releases/latest)
url=$(echo "$json" | jq -r '.assets[].browser_download_url | select(contains("linux64"))')
curl -s -L "$url" | tar -xz
chmod +x geckodriver
sudo mv geckodriver "$INSTALL_DIR"
echo "installed geckodriver binary in $INSTALL_DIR"

[동우]

https://ethhack.com/2019/02/snapd-flaw-lets-attackers-gain-root-access-on-linux-systems/
https://askubuntu.com/questions/1035915/how-to-remove-snap-store-from-ubuntu

[동우]

https://www.linuxuprising.com/2018/05/malware-found-in-ubuntu-snap-store.html

[동우]

https://hackernoon.com/managing-ubuntu-snaps-the-stuff-no-one-tells-you-625dfbe4b26c