amuck-landowner

ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

Status
Not open for further replies.

FHN-Eric

Member
Verified Provider
Personally, I'd like to see proof that anything that this curtis guy said he did is true. All of the stuff he posted till now is pretty much BS, including the parts of the Solus code he posted. 
Couldnt have said it better myself. 
 

MartinD

Retired Staff
Verified Provider
Retired Staff
Personally, I'd like to see proof that anything that this curtis guy said he did is true. All of the stuff he posted till now is pretty much BS, including the parts of the Solus code he posted. 
Well, he claims to have the full, unencoded version of Solus... yet he posts a snippet of code that's encoded. :blink:
 

netnub

New Member
Well, he claims to have the full, unencoded version of Solus... yet he posts a snippet of code that's encoded. :blink:
Yes, I stated in a above post which you removed that "for solusvm security, here is obfuscated version" which is obfuscated functions/variables.
 

MartinD

Retired Staff
Verified Provider
Retired Staff
Ah, their security.

Still not contacted them I presume? You know, for their and everyone else's security?
 

FHN-Eric

Member
Verified Provider
Well thats good, the ticket is under managent review :) amazing at what requesting managent to see it can do. I'll let you know what managent says when they reply.

solus2.png
 

Craig0ry

New Member
@netnub

I can't really see you proving you've found anything. This topic is beyond a joke, looks like CVPS didn't patch quick enough like they stated. So now everyone is turning off SolusVM all because these idiots lied to cover there ass and this NetNub is making false claims!

Read SolusVM blog - it seems to be all rumours
 

MannDude

Just a dude
vpsBoard Founder
Moderator
Netnub has posted source. He's sent a PM to myself with the source code as well.

I don't think it's wise to post these publicly, it's best SolusVM reviews and patches first. We don't want more hosts being impacted. I've seen some of the hits this forum has gotten from Google and judging my certain search phrases that are bringing them here I can guarantee if the source was posted on here it'd be used for anything but good.
 

Jono20201

New Member
Verified Provider
Now now. Let's try to keep this on topic.

Those of you with servers at CVPS, have they sent out client wide emails yet informing their clients to reset passwords? Any official word from them?

I don't see anything on their Twitter or Facebook, so curious if they're taking this instance more serious than the last one. Are all the VPSes back online now?
Last email I have from them is an Invoice.
 

CVPS_Chris

New Member
Verified Provider
looks like CVPS didn't patch quick enough like they stated.
We most certainly did, please do not call us a liar. Just like the first hack in November Solus said nothing was wrong on their end, and then Ramnode happened and this happened.

I even asked Phil if its a possibility that hack from RamNode was the same in November and he said YES. Of course they will call it rumors so they dont look bad and the terrible product they released.
 

notFound

Don't take me seriously!
Verified Provider
Netnub has posted source. He's sent a PM to myself with the source code as well.

I don't think it's wise to post these publicly, it's best SolusVM reviews and patches first. We don't want more hosts being impacted. I've seen some of the hits this forum has gotten from Google and judging my certain search phrases that are bringing them here I can guarantee if the source was posted on here it'd be used for anything but good.
I have seen the source to and can confirm that there are some examples of really bad coding (which I have sent to SolusVM and hence those "blocks of code" refered to here http://blog.soluslabs.com/2013/06/18/statement-regarding-current-security-rumours/ which I'm sure others have notified them of too). Also, I do agree it's unwise to release source here, once it gets in the wrong hands.. Well I'm sure it already is in the wrong hands already but we don't want more.
 
Last edited by a moderator:

Craig0ry

New Member
 Of course they will call it rumors so they dont look bad and the terrible product they released.
Pretty much same as what you've done. Blamed it on SolusVM? How come i know websites still running SolusVM and they've not been hacked? Bit mysterious that.........
 

MannDude

Just a dude
vpsBoard Founder
Moderator
CVPS_Chris, since you are here:

1.) Why have you not informed your clients yet? C'mon man. You should have learned from the other hack. Don't leave your clients in the dark. Just send out a mass email like all the other hosts have and explain the situation.

2.) Still going to deny the Adam = Kevin thing? I had a shit-ton of proof but was waiting to post it when (or if ever) prompted for it. Looks like I don't need to post my proof anymore.

3.) What has been impacted aside from the DB being leaked? What sort of issues are you guys experiencing? Data loss? Corrupt files? What's going on?
 
Last edited by a moderator:

Navarr

New Member
Hey guys, CVPS customer here, just checking in.

I've got a buffalo server and it's completely up and running.  

SSH, HTTP, nothing seems affected but control panel. - No Contact from CVPS


navarr@navarr:~$ uptime
 09:32:20 up 30 days, 18:32,  2 users,  load average: 0.04, 0.05, 0.00
It's a shame that passwords were leaked, in what looks to be a SHA1 hash - which speaks loads to the security of the system (why are they not using an actual secure password system?  

Anyone who's ANYONE in the PHP world knows to use Bcrypt instead of SHA1), which would at the very least prevent rainbow tables!
 
Last edited by a moderator:
Status
Not open for further replies.
Top
amuck-landowner