New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Potential BlueVM WHMCS Breach
This discussion has been closed.
Comments
TwoDayExploit must really have a hardon for BlueVM, here is a pic from his twitter
I urge you to not visit the url in the photo-- the owner has uploaded dirty content to the site.
Nothing bad that I see.
--In any case he really has a bad coding style. Putting analytics at the top of the page, when it should be put at the bottom for better loading speeds and such.--
Update: this might be because of the proxy.
Just my 2 cents.
http://www.ipv6proxy.net/go.php?u=http://www.linuxupti.me&b=0&f=norefer
It answers on V4, which gives you a much different version of the website.
Hmmm, Im not sure I want to know. Any one taken a look at the source code, he might be injecting something.
After closer inspection (with wget!) the site's A record just goes to Meatspin.
traceroute to 2001:470:694d:0:face:1:35a2:fa0e (2001:470:694d:0:face:1:35a2:fa0e), 30 hops max, 40 byte packets
1 2a02:348:82::1 (2a02:348:82::1) 8.082 ms 8.066 ms 8.127 ms
2 xl-internetservices.nl.ip6.jointtransit.nl (2a02:10:0:1::e:3) 8.266 ms 10.623 ms 8.309 ms
3 hurricane-electric.nikhef.nlsix.net (2001:7f8:13::a500:6939:1) 8.329 ms 8.335 ms 9.156 ms
4 10gigabitethernet1-4.core1.lon1.he.net (2001:470:0:3f::1) 11.927 ms 11.792 ms 11.742 ms
5 tserv1.lon1.he.net (2001:470:0:67::2) 10.383 ms 10.346 ms 10.321 ms
6 linuxupti.me (2001:470:694d:0:face:1:35a2:fa0e) 315.568 ms 316.781 ms 318.498 ms
Seems like the server is hosted in london at he.net and under attack by some sort of attack due to the high ping and some changes to its traceroute which I have noticed under multiple tests.
So lame 1999 called they want there meat spin back.
He's using a HE IPv6 tunnel. The 2001:470:694d:0:face:1:35a2:fa0e IP is assigned to a taxi service in Hampshire http://bgp.he.net/ip/2001:470:694d:0:face:1:35a2:fa0e#_whois
Address: 37 Station Rd, New Milton, Hampshire BH25 6HR, United Kingdom
Phone:+44 1425 638100
"A proffesional, friendly team that you can count on to deliver only the best guarenteed."
https://plus.google.com/115974092668487476957/about?gl=us&hl=en
So.... LOL he doesn't even have ipv6.
Not much of the UK actually does, does it? - IPV6 that is..
From what I saw he'd been tweeting shit @Ishaq about two weeks before.. seems to really love BlueVM and their staff.
Some business grade ISPs offer IPv6, none of the big names though
http://www.exa-networks.co.uk
http://www.claranetsoho.co.uk
http://aaisp.net.uk
Some home ones also above but way expensive compared to traditional prices
Either does craigory.pw. Craigory.pw (wrote negative blog article on bluevm) and Linuxti.me are both using IPv6 assigned to Abacus cars.
BlueVM should call Abacus and alert them about how their IPv6 is being used.
http://bgp.he.net/ip/2001:470:1f06:8e7::2#_whois
172.245.212.125 is somewhere on CC's network...which probably explains the use of a HE tunnel. LOL, he's using a host without IPv6 to host his website.
@Ishaq can be a bit 'aggressive', I have experienced his attitude. This must be a REALLY p1ssed off customer if he went to these lengths to get back @BlueVM.
PS: I'm selling some BlueVM credit if anyone wants it $2.26 - yours for only $1.50, or make an offer.
@asterisk14 - I've had nothing but good experiences with Ishaq, that being said I'm sure there are people around that dislike me for whatever reason..
To be honest 90% of the guys twitter feed ("hacker") was about how amazing he is, and how everyone else is just a skid. Bit of a tool imo.
I've never had any issue with Justin/Magi/Ishaq/Michael/Jordan/Scott , in fact they have always been great to folk when i have been on IRC.
@krs360 @AlexanderM - maybe I got off on the wrong foot with Ishaq, but that was my experience...
I haven't had issues with ishaq either.
If you can spend more time to reply ticket, I think it might be better.
Yep, my ticket was not answered after ~18 hours, and then when I asked Ishaq to take a look when he appeared on LEB, I don't think he like it.
What a laugh. I needed this for a long time - why would he be using a taxi firms details? Also is his twitter name TwoDayExploit ?
Who knows.. maybe he works at a Taxi rank, whilst talking shite on twitter about people's lack of IPV6, whilst using an IPV6 tunnel himself.
Yes.
So if he uses a tunnel? He has IPv6 support right? a few wrongs and rights here. Look up if they have ADSL on that line
@asterisk14 Me too,the ticket no any reply.
http://www.namecheap.com/marketplace/listing-information.aspx?marketplaceid=4222303 - Obviously selling domain.
Hello,
Sorry for not being active here, I'm currently in France.
Due to the recent threats received by Craigory/Craig (uses handle @TwoDayExploit) we have filed a complaint to Twitter. They will be dealing with it shortly.
@asterisk14
Whoever you are, please contact me via PM and let me know how I was (apparently?) aggressive. I try and be fair, kind, and helpful to all customers.
If anyone else has any questions or problems, please feel free to PM me or contact me via my email ([email protected])
Thank you.
@Ishaq - I put in a ticket, is Reseller S3 down?
Pretty sure you are getting this all wrong Ishaq - Go on Twitter and i'm sure Craigory uses the Handle " ShareCokeWithMe "
@DeanClinton
Yes apparently we're moving cPanel S3 to a server with 1TB disks due to space almost reaching it's limit (apparently there's a problem, so we're waiting on IPMI). cPanel S4 is fine.
I apologize that we didn't announce or notify customers, I was pretty annoyed too.. sysadmin in charge said it was 3 AM when he started and he forgot to massmail or update our Twitter page.
@TheNanRider
I'll let you find out why @TwoDayExploit is Craigory