amuck-landowner

ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

Status
Not open for further replies.

drmike

100% Tier-1 Gogent
Someone somewhere said CVPS has 8 servers that are messed up.  In their world that would be 400-800 VPS containers.

They are unsure if Adam/Kevin patched things yesterday...  Ba-dumb!
 

netnub

New Member
This is what happens when you don't have good security.

Now, where shall I release more zero day vulnerabilities :D?

If you search hard enough you'll find I released a zero-day on the admin login page which allowed the use of eval() which you could easily compromise server from it. I've only released it to show how SHITTY solusvm is.

They don't properly clean the submitted data.
 
Last edited by a moderator:

vanarp

Active Member
If you search hard enough you'll find I released a zero-day on the admin login page which allowed the use of eval() which you could easily compromise server from it. I've only released it to show how SHITTY solusvm is.
 
When did you release it?
 

Jack

Active Member
As I stated in a lowendbox post, I was going to release it in 8 hours from when I posted yesterday, and I did.

Want some advice?

Stop wasting your time on a control panel as that 290px-LG_L194WT-SF_LCD_monitor.jpgwill soon turn into 
jail-bars.jpg
 

netnub

New Member
Want some advice?

Stop wasting your time on a control panel as that 290px-LG_L194WT-SF_LCD_monitor.jpgwill soon turn into 
jail-bars.jpg
Want some advice?

kFgtEzG.png

doesn't scare me.

What are they going to do, sue me for helping them get better security? I already attempted to contact them, they failed to do anything.
 

FHN-Eric

Member
Verified Provider
Good thing I'm running Virtualizor. Even more of a reason to not switch to solus. Now if only Virtualizor could prevent httpd from going down every 4 hours or so.
 

Jack

Active Member
Want some advice?

kFgtEzG.png

doesn't scare me.

What are they going to do, sue me for helping them get better security? I already attempted to contact them, they failed to do anything.
You know what you've done to CVPS?

If you don't have Solus on your arse, I'm sure Chris is going to want words at a minimum with you.
 

Jack

Active Member
Want some advice?

kFgtEzG.png

doesn't scare me.

What are they going to do, sue me for helping them get better security? I already attempted to contact them, they failed to do anything.
You know what you've done to CVPS?

If you don't have Solus on your arse, I'm sure Chris is going to want words at a minimum with you.
 

netnub

New Member
Good thing I'm running Virtualizor. Even more of a reason to not switch to solus. Now if only Virtualizor could prevent httpd from going down every 4 hours or so.
Have you considered running a script to see if httpd is down, if it is start it up?
 

netnub

New Member
Good thing I'm running Virtualizor. Even more of a reason to not switch to solus. Now if only Virtualizor could prevent httpd from going down every 4 hours or so.
Have you considered running a script to see if httpd is down, if it is start it up?
 

MartinD

Retired Staff
Verified Provider
Retired Staff
What are they going to do, sue me for helping them get better security? I already attempted to contact them, they failed to do anything.
I STRONGLY suggest you contact them again, i.e. immediately, with whatever information you have.
 

MartinD

Retired Staff
Verified Provider
Retired Staff
What are they going to do, sue me for helping them get better security? I already attempted to contact them, they failed to do anything.
I STRONGLY suggest you contact them again, i.e. immediately, with whatever information you have.
 

netnub

New Member
I STRONGLY suggest you contact them again, i.e. immediately, with whatever information you have.
Maybe we should stop twittling our thumbs and do something about it?

The following code has been obfuscated for solusvms security:

KRlaOS0.png
 

netnub

New Member
I STRONGLY suggest you contact them again, i.e. immediately, with whatever information you have.
Maybe we should stop twittling our thumbs and do something about it?

The following code has been obfuscated for solusvms security:

KRlaOS0.png
 
Status
Not open for further replies.
Top
amuck-landowner