amuck-landowner

ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

Status
Not open for further replies.
drmike

drmike

100% Tier-1 Gogent
Someone somewhere said CVPS has 8 servers that are messed up.  In their world that would be 400-800 VPS containers.

They are unsure if Adam/Kevin patched things yesterday...  Ba-dumb!
 
N

netnub

New Member
This is what happens when you don't have good security.

Now, where shall I release more zero day vulnerabilities :D?

If you search hard enough you'll find I released a zero-day on the admin login page which allowed the use of eval() which you could easily compromise server from it. I've only released it to show how SHITTY solusvm is.

They don't properly clean the submitted data.
 
Last edited by a moderator:
vanarp

vanarp

Active Member
netnub said:
If you search hard enough you'll find I released a zero-day on the admin login page which allowed the use of eval() which you could easily compromise server from it. I've only released it to show how SHITTY solusvm is.
Click to expand...
 
When did you release it?
 
Jack

Jack

Active Member
netnub said:
As I stated in a lowendbox post, I was going to release it in 8 hours from when I posted yesterday, and I did.
Click to expand...

Want some advice?

Stop wasting your time on a control panel as that 290px-LG_L194WT-SF_LCD_monitor.jpgwill soon turn into 
jail-bars.jpg
 
N

netnub

New Member
Jack said:
Want some advice?

Stop wasting your time on a control panel as that 290px-LG_L194WT-SF_LCD_monitor.jpgwill soon turn into 
jail-bars.jpg
Click to expand...
Want some advice?

kFgtEzG.png

doesn't scare me.

What are they going to do, sue me for helping them get better security? I already attempted to contact them, they failed to do anything.
 
FHN-Eric

FHN-Eric

Member
Verified Provider
Good thing I'm running Virtualizor. Even more of a reason to not switch to solus. Now if only Virtualizor could prevent httpd from going down every 4 hours or so.
 
Jack

Jack

Active Member
netnub said:
Want some advice?

kFgtEzG.png

doesn't scare me.

What are they going to do, sue me for helping them get better security? I already attempted to contact them, they failed to do anything.
Click to expand...
You know what you've done to CVPS?

If you don't have Solus on your arse, I'm sure Chris is going to want words at a minimum with you.
 
Jack

Jack

Active Member
netnub said:
Want some advice?

kFgtEzG.png

doesn't scare me.

What are they going to do, sue me for helping them get better security? I already attempted to contact them, they failed to do anything.
Click to expand...
You know what you've done to CVPS?

If you don't have Solus on your arse, I'm sure Chris is going to want words at a minimum with you.
 
N

netnub

New Member
FHN-Eric said:
Good thing I'm running Virtualizor. Even more of a reason to not switch to solus. Now if only Virtualizor could prevent httpd from going down every 4 hours or so.
Click to expand...
Have you considered running a script to see if httpd is down, if it is start it up?
 
N

netnub

New Member
FHN-Eric said:
Good thing I'm running Virtualizor. Even more of a reason to not switch to solus. Now if only Virtualizor could prevent httpd from going down every 4 hours or so.
Click to expand...
Have you considered running a script to see if httpd is down, if it is start it up?
 
MartinD

MartinD

Retired Staff
Verified Provider
Retired Staff
netnub said:
What are they going to do, sue me for helping them get better security? I already attempted to contact them, they failed to do anything.
Click to expand...
I STRONGLY suggest you contact them again, i.e. immediately, with whatever information you have.
 
MartinD

MartinD

Retired Staff
Verified Provider
Retired Staff
netnub said:
What are they going to do, sue me for helping them get better security? I already attempted to contact them, they failed to do anything.
Click to expand...
I STRONGLY suggest you contact them again, i.e. immediately, with whatever information you have.
 
N

netnub

New Member
MartinD said:
I STRONGLY suggest you contact them again, i.e. immediately, with whatever information you have.
Click to expand...
Maybe we should stop twittling our thumbs and do something about it?

The following code has been obfuscated for solusvms security:

KRlaOS0.png
 
N

netnub

New Member
MartinD said:
I STRONGLY suggest you contact them again, i.e. immediately, with whatever information you have.
Click to expand...
Maybe we should stop twittling our thumbs and do something about it?

The following code has been obfuscated for solusvms security:

KRlaOS0.png
 
Status
Not open for further replies.
Top
amuck-landowner