amuck-landowner

RobertClarke/Server Crate back ?

Mun

Never Forget
Ahh here we go.

http://vpsboard.com/topic/733-ramnode-down/page-5  Post#89

Now, second of all, I'm really glad you know what I am thinking.... because half the time I don't :D

You and I both know that your original post, while a joke/troll, was using the word "testing" as a euphemism for trying to take down his network. 

Why would I want to take down his network? There is far better things I can do to make him go away. Like write a review on how shitty his DDOS protection is, or show that there is a root kernel exploit that I tested on his VM node so it became compromised, and I accidentally leaked the data to the world by pressing send to a bunch of people on hackforums. Who then inadvertently share it with everyone.

Mun
 

manacit

New Member
So attacking a server so that it can be seen from the outside world is NOT OKAY, but compromising a system so that you can get root on a node is? I would rather have a DDOS any day.

Mun

P.S. From my recollection, though I can't find it this sec, robert did run rofl.php.
Sending hundreds of thousands of packets per second of bandwidth with the intention of taking a server offline isn't okay. It's not the same as testing a harmless exploit that doesn't hamper the normal operations (unless, of course, you run commands that do - but then you're not testing an exploit!).

If you opened a ticket with Robert, asked to get put in a new node and then initiated a DDoS against it with the purpose of seeing how well your node fared, that would be one thing. Just DDoSing is not the same thing.

If he did run rofl.php I am standing on slightly shakier ground ;)

Edit 2: rofl.php and deleting the data are, of course, not the same thing either. I'm clearly arguing against a group of people who'll never changed their opinions, I'm only trying to stop shitty 16 y/o trolls like Mun from bringing the maturity of this community down. 
 
Last edited by a moderator:

Mun

Never Forget
Sending hundreds of thousands of packets per second of bandwidth with the intention of taking a server offline isn't okay. It's not the same as testing a harmless exploit that doesn't hamper the normal operations (unless, of course, you run commands that do - but then you're not testing an exploit!).

If you opened a ticket with Robert, asked to get put in a new node and then initiated a DDoS against it with the purpose of seeing how well your node fared, that would be one thing. Just DDoSing is not the same thing.

If he did run rofl.php I am standing on slightly shakier ground ;)

Read the post above, and where did I say anywhere that I wouldn't ask / tell him that I would be doing said "test". Most of the people here know me better then that, and I would never do such thing to purposely DDOS someone without there consent. I would have to be an idiot to even do that without asking. It just isn't my thing.

Mun
 
Last edited by a moderator:

manacit

New Member
Read the post above, and where did I say anywhere that I wouldn't ask / tell him that I would be doing said "test". Most of the people here know me better then that, and I would never do such thing to purposely DDOS someone without there consent. I would have to be an idiot to even do that without asking. It just isn't my thing.

Mun
And now you're back tracking, sweet. I'm glad we all agree that it would be idiotic to DDoS someone, even if it was "testing" unless they gave you permission. 
 

Mun

Never Forget
And now you're back tracking, sweet. I'm glad we all agree that it would be idiotic to DDoS someone, even if it was "testing" unless they gave you permission. 

Who said I'm back tracking, other then you of course? Testing is legal, DDOSing for point of trolls isn't. If you have been on LET so long you should know me and know that I wouldn't do that. It seems to me that you really don't anything about this community and really don't know anything about the attack either. Clarke was definitely in the wrong, and I really hope @Nick_A takes him to court and beats his little ass into the ground. It is not only heavily immature of him, but also damaging. 

However, I frankly disagree. If I was on a VPS node, or owned a VPS node. I would much rather be DDOS'd then have a root exploit done. If a root is done, then I have to classify the node as compromised, and at best start fresh. (to be safe of couse) Testing it for laughs isn't a good thing at all. Did you at least contact your provider before testing? I personally have never ran an exploit (knowing) to test to see if I could get root on a node.

Mun
 

manacit

New Member
I don't think anyone but you and I are in the conversation at this point, and I'm not even sure why I'm bothering to argue with a trolly 16 year old on the internet. I must be bored.

I'll quote someone else

Hey now, be a little more careful with those answers. Yes, we all know Mun was joking, but to someone just casually reading through you've just implied that we DDoS other providers.
I was pretty sure that you weren't *actually* going to do anything, but even joking about it at this point is pointless and immature, which you've admitted already. There's a difference between attacking with bandwidth and testing to inform, that's my point. 1m pps can't tell the server that it's there for testing or there for a denial of service attack. I'm done!
 
Last edited by a moderator:

manacit

New Member
I figured you weren't actually 16 ;).

I actually need to get real work done, but since you keep taunting me!

I didn't notice that link actually, that's very interesting - it looks like he tried to access rofl.php, but it 404ed on him because it wasn't actually there. You'd know this if you actually read the post and knew how to read a log, which I'm guessing you don't. What I don't see is him using the exploit to wget it there in the first place, as localhost.re instructed.

I could have gone to every solus install I wanted and tried to access /rofl.php, once again, to notify someone that they'd been breached and to remove the script ASAP since it pretty much is life/death at that point, as we all know.

Ah well, hurts to be beaten by someone who's been consistently calling you stupid I guess.

EDIT: HAHAHA after doing some investigating (looking at your twitter account) it turns out I went to high school with you!
 
Last edited by a moderator:

Magiobiwan

Insert Witty Statement Here
Verified Provider
@manacit Back off, would you? Seriously. Making such a BIG DEAL out of a little bit of humor.
 

HalfEatenPie

The Irrational One
Retired Staff
I might be slightly late to the party, but I personally have negative opinions about RobertClarke, and this is why.

1. RobertClarke has been known to be involved in some pretty shady things and to roll with pretty shady individuals.  In addition, while on paper he may seem "reasonable", I have several logs of him being disrespectful and harassing individuals whom I personally respect (e.g. Nick_A from RamNode).  

2. I was online on IRC during the period the Solus exploit was released.  I witnessed (and have logs) RobertClarke confirming the exploit.  I believe he stated he targeted someone else's installation of Solus to confirm the exploit.  He then continuing to ask who else runs SolusVM (I will admit at that time I was unaware of what specifically was going on because I was performing my own investigations).  

3. We receive confirmation that RobertClarke has attempted the exploit on several other hosts, as well as CVPS.  Is this for malicious intent?  We don't know.  But we do know that RobertClarke initiated the script to start the exploit of the Solus script.  

Now, I'm not sure if he himself initiated the code to delete the nodes, but I do find him on the negative side of the fence for initiating it.  I'm not saying Pen-testing is bad, but I find it unacceptable for him to break the lock on a door and then let someone else (or himself) in.  As far as I'm concerned, he compromised the security of the company and their clients with his "testing", especially with a vulnerability that was going to become "popular" due to the amount of press it received.  

If you want to test someone's system, that's fine.  I'd suggest you contact the individual you're targetting and/or the provider you're targetting first to get the "ok" (even on a VPS "testing" DDoS in my opinion in unacceptable as it may affect the services of the other clients on the same node).   RobertClarke received no agreement or the "yes" to test each provider's Solus installation, again why I dislike him and his operation.  

Really, for anyone else who wanted to "test" their provider's Solus with each new exploit, please don't.  Contact their support department and ask if they've taken care of the security exploit.  It's their job to make sure Solus's exploits are taken care of, and not your job to "test" their security.  Regardless it should be seen as a malicious attempt (because it was an attempt to compromise the provider's systems regardless of the intentions) and you even as a client should not have been there to begin with.  

Unrelated to the entire DDoS debate, @manacit, I apologize but in my perspective you're not this "protector of the underdogs" or "defender of those who can't", but instead an individual who doesn't understand the full situation yet.  I mean obviously you and I will have different opinions on different topics (or this one too) and that's fine, but I'd like for you to please understand the situation before criticizing or attempting to back-hand complement other members here.  

-Pie's Brain Garbles
 
Last edited by a moderator:

manacit

New Member
@manacit Back off, would you? Seriously. Making such a BIG DEAL out of a little bit of humor.
He could have just said "lol i was jokin" and it all would have been put to rest. Thanks for contributing, though! HalfEatenPie even confirmed that even a testing or joking DDoS isn't really appropriate, just sticking up for something that I believe is quite unprofessional and malicious. 

@HalfEatenPie: 

1. I'm not saying, nor have I ever, that Robert has been well behaved - that would be a lie. His dealings with Nick_A especially have been rude. 

2. Perhaps he was trying to check to notify them, perhaps he wanted to delete all of their nodes, it was a bit of a scramble, we don't have proof, he didn't delete any other data (unless he was responsible for CVPS of course, but I doubt that). 

3. Did he go a little to far? That is VERY possible - he probably shouldn't have pen-tested quite as hard as he did. I'm not denying that. What has happened, though, is that he's been made a super-villan, with people actually making an effort to destroy anything he tries, and wishing for him to get prison time. Seriously? That's a bit much, especially when we don't know that he actually deleted any data. 

I'm not saying I agree with everything he did, but everyone is jumping the gun to a pretty extreme level here.

With all do respect, while you might think I don't know the entire picture, I've the discussions and talked to a lot of people and I have about as much of a picture as you do, and I know that we both don't know the whole picture, that's my entire point. I'll refrain from talking about other members when I'm not the brunt of troglodyte-level trolling for the sake of trolling. 
 

mnpeep

New Member
Verified Provider
This is something that I found on my Google Voice inbox on 6/17 (the day after the 0day's discovery), I have no clue if this is Robert, but it definitely sounds a lot like him.

http://i.maxshosting.com/VTnd

The number that called me was 1-661-748-0240, a Skype number

Here's Google's transcript as well: http://i.maxshosting.com/ajjJ
 
Last edited by a moderator:

Mun

Never Forget
LOL What? @mnpeep

@manacit I do think he deserves punishment. Im not sure prison time, but I will let a jury figure that out. On the other hand, I don't like it that WHT removed the posts in the offer section claiming him as a scam. He fully deserves those ramifications. Will it "kill" him. Nah, but he is a Microsoft boy and stealing and destroying is in there blood.

On a more up beat note, when is the flogging?

Mun
 

Jack

Active Member
Hey now, be a little more careful with those answers. Yes, we all know Mun was joking, but to someone just casually reading through you've just implied that we DDoS other providers.
That did kinda read that way but it wasn't my intention, I was simply showing that Robert doesn't have a clue what is he doing compared to Fran and yourself.
 
Last edited by a moderator:

Nick_A

Provider of the year (2014)
Here's the bottom line that people really need to stop dancing around: you don't HACK a provider and tell them after the fact. That's what all this nonsense boils down to.

If you think your provider is vulnerable, you contact them and leave it at that.
 

Mun

Never Forget
Here's the bottom line that people really need to stop dancing around: you don't HACK a provider and tell them after the fact. That's what all this nonsense boils down to.

If you think your provider is vulnerable, you contact them and leave it at that.

So when do we get news on the lawsuit?

Mun
 

kaniini

Beware the bunny-rabbit!
Verified Provider
I have several logs of him being disrespectful and harassing individuals whom I personally respect (e.g. Nick_A from RamNode).
Not that I disagree with anything else in your post, but what exactly does this have to do with anything?
 

mnpeep

New Member
Verified Provider
LOL What? @mnpeep
Just a voicemail I found.

Here's the bottom line that people really need to stop dancing around: you don't HACK a provider and tell them after the fact. That's what all this nonsense boils down to.

If you think your provider is vulnerable, you contact them and leave it at that.
One question remains, are you going to take legal action against him? People are speculating.

If you need more evidence, I have a hard drive that Robert rm -rf'ed back in October because of a bug with Multicraft. It's just sitting there in-case IC3 actually wishes to persue my claim.
 
Last edited by a moderator:

drmike

100% Tier-1 Gogent
I am on a weird fence line about this topic :)

I know young Robert was poking at stuff, but can anyone confirm any post-check poking that was done as follow up by Robert?

I was a tinkerer in the darker side of computing before many of you were probably born.   Tinkering, checking, even poking at systems isn't criminal.  Even confirming an exploit that doesn't offline things isn't criminal.  If that's where Robert stopped, then the blow up on him isn't really deserved and no way any charges/suit would stick.

If there is info that shows more than that, a post check hack, dropping files in the OS, etc.  then whole different ballgame.

FYI, I am a RamNode customer. 
 
Top
amuck-landowner