ZPanel Hacked

[mojeda]

http://www.reddit.com/r/netsec/comments/1ee0eg/zpanel_support_team_calls_forum_user_fucken/

A LET reader went to ZPanel forums to check up on if it was safe to use ZPanel due to the wide knowledge that it has many security flaws. PS2Guy was prompt to say that all vulnerabilities were patched in 10.0.1, however joepie responded to remind them that it is not secure.

3 Hours later Joepie got a whopping 100 infraction points for being a "fuckwit."

Redditors are claiming that ZPanel and a few support team member accounts were compromised and the forums and website are now down.

Here is the original thread: http://imgur.com/a/lzRuo

Proof PS2Guy's account was hacked: http://i.imgur.com/l1UQ9dy.png

 

[365Networks]

Pays off to not be ignorant.

 

[drmike]

Nasty situation.

Is this what set off the LET hackathon or what?  Two events seem to overlap even though unrelated.

 

[Mike]

If there are vulnerabilities in the code, that should be their first priority, not arguing with someone over clear facts.

They seem to think that sending it off to a security accessor is enough, unfortunately in this day-n-age, it's not.

 

[perennate]

If there are vulnerabilities in the code, that should be their first priority, not arguing with someone over clear facts.

They seem to think that sending it off to a security accessor is enough, unfortunately in this day-n-age, it's not.

http://forums.zpanelcp.com/showthread.php?27608-ZPanelCP-Server-has-bot-been-compromised

 

[vanarp]

http://forums.zpanel...een-compromised

@joepie91 are we happy with Bobby Allen's response? 

 

[perennate]

@joepie91 are we happy with Bobby Allen's response? 

Strange, links in quotes seem to break?

 

[vld]

 

 

[Eased]

That is rather comical. I agree with the joepie91 user.

 

[Tux]

ssh master race

Do I have to say more?

 

[elusus83]

Wow. Just finding out about this now. That PS2guy is a knucklehead

 

[Licensecart]

Wow. Just finding out about this now. That PS2guy is a knucklehead

I agree, he needs to grow up.

 

[VPSDATABASE]

A lot of stuff is going down!

LET

ZPanel

LR

 

[wlanboy]

I was just planing to use zpanel.

So any alternative or is zpanel as save as any other panel can be?

 

[RiotSecurity]

I was just planing to use zpanel.

So any alternative or is zpanel as save as any other panel can be?

Kloxo, Webmin.

 

[MannDude]

I was just planing to use zpanel.

So any alternative or is zpanel as save as any other panel can be?

I actually kind of like Kloxo. For a free panel it works pretty well. I can't comment on the security of it, but function wise, it works.

 

[Reece-DM]

I actually kind of like Kloxo. For a free panel it works pretty well. I can't comment on the security of it, but function wise, it works.

A better look and it wouldn't be as bad

Ajenti looks like a cool option: http://ajenti.org/

 

[MannDude]

A better look and it wouldn't be as bad

Ajenti looks like a cool option: http://ajenti.org/

Never heard of Ajenti, thanks for sharing.

 

[SeriesN]

A better look and it wouldn't be as bad

Ajenti looks like a cool option: http://ajenti.org/

Buggy as hell and bloated enough for regular usage. 

 

[H_Heisenberg]

^

No it's not. If you install a fresh copy it barely has components installed so it's not bloated. It's not buggy unless you fail to configure the component correctly.