amuck-landowner

ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

Status
Not open for further replies.

drmike

100% Tier-1 Gogent
Umm link doesn't work on CVPS and the 4chan file has been pulled:

spacer.gifThis file is no longer available because of claim by  4shared Support Team.

 

 

 

 
 

drmike

100% Tier-1 Gogent
ChicagoVPS is a total crap heap.

This is the second hack since November.

Yeah, there is a full database dump floating around too it seems.

Did anyone see what was in that database passwords file?
 

Magiobiwan

Insert Witty Statement Here
Verified Provider
I didn't grab it myself, but I hear (from thread on LET) it's the same stuff as was in the RamNode one. Names, Emails, Client IDs, Hashed PW, Original Root PW, IPs, Hostnames, OS, Virt Type, etc. 
 

drmike

100% Tier-1 Gogent
Oh look, Kevin is indeed Adam Ng:

(12,'adamng','50f1ba0c5fe73f19bbf09cc728f2526e57910c23','[email protected]','Adam','Ng','Active',1,1354156121,'1','sysinfo:true,susvps:true,rlsinfo:true|clusterstats:true,userstats:true,clientact:true,updates:true,sysmess:true|','control:true,sett

ings:true|usage:true,info:true,note:true|','nodeinfo:true,nodebuttons:true,nodegraphs:true|','')
 

mpkossen

New Member
ChicagoVPS is a total crap heap.

This is the second hack since November.

Yeah, there is a full database dump floating around too it seems.

Did anyone see what was in that database passwords file?
Could also be due to a SolusVM exploit.

Several people on LET confirm their information is in the file. I'm just assuming it's a dump of the customer table or maybe even a full dump.
 

drmike

100% Tier-1 Gogent
Could also be due to a SolusVM exploit.

Several people on LET confirm their information is in the file. I'm just assuming it's a dump of the customer table or maybe even a full dump.
It's a full SolusVM dump.  Same sort of dump as the November #failing 
 

MannDude

Just a dude
vpsBoard Founder
Moderator
So does this DB have all the same info as their last one did? If so, that's very worrying. If it's a full DB dump of SolusVM then I'd assume it has emails, passwords (hashed, can be easily unhashed), IP addresses, etc, etc.

Not good at all. Was this Robert Clarke too? Haha.
 

peterw

New Member
Post on LEB:

Lol:


Attention providers:
In roughly 12 hours I will be disclosing 3 zero day vulnerabilities on solusvm.
I suggest you take backups fast or else hackers will abuse this. I have tried contacting solusvm to fix it however I have been ignored.
They stated the vuln is “not important at this time”
Good luck.

June 17, 2013  2:36 pm
 

MannDude

Just a dude
vpsBoard Founder
Moderator
Oh look, Kevin is indeed Adam Ng:

(12,'adamng','50f1ba0c5fe73f19bbf09cc728f2526e57910c23','[email protected]','Adam','Ng','Active',1,1354156121,'1','sysinfo:true,susvps:true,rlsinfo:true|clusterstats:true,userstats:true,clientact:true,updates:true,sysmess:true|','control:true,sett

ings:true|usage:true,info:true,note:true|','nodeinfo:true,nodebuttons:true,nodegraphs:true|','')
Ha, been saying it all along. No one cares. Adam Ng IS Kevin Hillstrand. No one would admit to anything. The kid just turned 18 a month or so ago.
 

drmike

100% Tier-1 Gogent
Ha, been saying it all along. No one cares. Adam Ng IS Kevin Hillstrand. No one would admit to anything. The kid just turned 18 a month or so ago.

Yeah Holestained is Adam Ng.      Yep, he was a minor while employed by CVPS and URpad.

Yes, Adam and Chris lied again about who Hillstrand was.

Did WHT ban Hillstrand yet?  They should.
 
Status
Not open for further replies.
Top
amuck-landowner