New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Mycustomhosting Suspended VPS with unreasonable
This discussion has been closed.
Comments
dear sir phil
when you can give me my backup has been more 24 hours i am waiting but still not get my data
@ZeroCool Keep in mind that @joepie91 might not be awake at this time. You may want to take a backup and store if offsite at this time of your site though. Just a suggestion.
@zerocool, you have 80 gb of data. It doesn't manipulate in 5 minutes. This is also not a high priority at all. If your going to leave your VPS unsecured in the future I do suggest you take offsite backups so when your VPS is hacked and you didn't do it, you do not have to wait for your host to provide a backup. If you want I can provide you the data as is. Or as suggested earlier in the post.
The constant tickets and posts regarding it are not needed.
Usually I always support the client.
However, in this case, ZeroCool's attitude makes it quite obvious that even if the VPS is unsuspended he will do nothing about it.
@ZeroCool just because someone doesn't visit a forum 24/7 doesn't make them a noob.
80gb data wow..sir i don't have that size in to kvm meybe 8GB data yes but 80 gb i think not, if you give a time i just need download 8MB my data that my new site design
but you still under your decision not give a time then okey
i not have data in to that VPS just index.html then no need to worry
New Kloxo release 6.13
6.1.13 Sec #002 Fixed Filemanager bug
6.1.13 Sec #001 Fixed SQL Injection bug
waiting joepie91 hacked my kloxo panel don't forget give screenshot you has been hacked my panel..i has been give my site to your inbox noob
Ironic.
first i thought that it was the language barrier that caused misunderstandings but now..
So, let me get this straight. You're expecting somebody to get into your Kloxo panel in under an hour, after updating it to a version that doesn't have the known exploit?
Do you have any idea how much time it usually takes to find a new unauthenticated attack vector, regardless of how leaky an application is?
Just leave him be, it's just a waste of your time. The kid doesn't know anything, let him go back to his games.
its oke now dont worry
http://project.lxcenter.org/news/25
Kloxo 6.1.13 released. Fixed 2 security bugs.
SQL Injection bug
Filemanager bug
Run:
/script/upcp
Or press Update Home button in your control panel
This is a urgent update.
This version is based on Kloxo 6.1.12 source code. Not the code from github.
Everbody can continue to use Kloxo Offical Version
Dont use editable versiyon MR
always the original version is safe
@joepie91- I expect ZeroCool has not updated anything, as MCHPhil has disabled his VPS and it has not been online since this post was started. This is also the reason that he does not feel anyone can hack his site.
@DalComp - THIS is his game, he has been doing this kind of stuff for quite a while. He is fun to watch and play the game with, but should not be taken seriously
He currently has Kloxo running on (presumably) another VPS hosted with RootLevelTech. Somewhere in the past two hours, he has updated Kloxo on there to the updated ("fixed") version - it has suddenly started behaving differently when attempting an SQLi (throwing an error, rather than giving a blank page).
His domain is phazeddl.eu, and while it is behind Cloudflare, it wasn't too hard to figure out the real IP behind it; 209.148.84.211. Kloxo running on default port, admin account appears enabled, not running -MR, just official Kloxo. If I had the time, I'd be looking for a different attack vector (after all, I was given permission to try and break into his Kloxo), but to be honest I have better things to do with my time.
If anybody else would like to show him that Kloxo is not secure, that's all info you should need. By the way, the "recover password" code doesn't appear to sanitize anything either; so that might be a good point to start looking.
ssh port : 79 for the curious ones...
I see blacklotus in the traceroute, are all vps from mycustomhosting covered under this protection?
The Ping would be much higher then, i dont think so and my traceroute says also no.
http://network-tools.com/default.asp?prog=express&host=209.148.84.211
It says blacklotus.
Which location? US? Canada is not protected.
@Mark_R - FYI, This is not the MyCustomHosting VPS this is a new one
Thanks, that explains it.
proof it this has been 24 hours my kloxo still fine..your time has been expired then this time i call you noob...but i will give you next 24 hours if still fine then thats true you noob and only theory..proof it
wow many user joined
this not joepie again ..this is team lol
What's you mean about it?.
hheheheh welcome... gan mustafa..mantau juga
Wow. Just wow. This thread takes the friggen cake. Likely eats it also. Zerocool, Im not bullshitting you, your VPS is 80Gb. You have been given FTP details to download your 80Gb VPS backup. Do so within the next 72 hours as I will be deleting it all at that time.
I do hope someone has let RLT know what this customer may be bringing upon them.
No one deserves this..
That is also correct, I do not utilize blacklotus or otherwise. The CA nodes are protected by OVH's built in protection, nothing more and nothing less. To be honest though I kind of am liking the OVH protection. I don't go around and beg people to attack me though so who knows.
And you think that the one that compromised your VPS last time, was a single person who was so overworked that he didn't have time to look for another attack vector, or what? You dispute that Kloxo has security issues, you claim that the IP "can't be found". The latter has clearly already been disproven, the former is only a matter of time if anybody really cares; and that you complain about multiple people working on it, only shows that you apparently have no confidence in Kloxo yourself either.
So how about you just admit that Kloxo is insecure, admit that your VPS was suspended because of your Kloxo being compromised (which is easily proven, by the way, judging from the default.php that used to be in your Kloxo), move on, and replace it with something more secure?
don't to many theory noob i am still waiting you proof it lol
don't just have kloxo exploit then you many cass ciss cuss
why you ask me ? find the answer by your self
sir you can delete it now i has been download it, and done restore to another provider