Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

ChicagoVPS database leaked? ChicagoVPS customers - change your root passwords immediately! - Page 4
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

ChicagoVPS database leaked? ChicagoVPS customers - change your root passwords immediately!

1246712

Comments

  • ChanChan Member

    @24khost said: hopefully this happens to no other hosts.

    You'll be fine as long as you aren't "winning"

  • RadiRadi Host Rep, Veteran

    Chris is pure gold :D

  • MunMun Member

    Confirmed: I am in the dump :(

  • erhwegesrgsrerhwegesrgsr Member

    I want to see how many VPSes they actually have, someone maybe PM or email at bronzebyte[at]gmail[dot]com

  • RadiRadi Host Rep, Veteran
    edited February 2013

    @Mun, can you PM me the dump?

  • MunMun Member

    @Radi said: @Mun, can you PM me the dump?

    I don't have the dump.

  • fislefisle Member

    @BradND said: 59 Nodes apparently :-)

    59? select COUNT(name) FROM nodes; returns 56. :o

  • RadiRadi Host Rep, Veteran

    @Mun you said you saw yourself.
    @fisle Check your PMs.

  • MunMun Member

    So here is the describe of the table so you all know what info is being thrown around: CREATE TABLE clients (
    clientid int(11) NOT NULL AUTO_INCREMENT,
    resellerid int(11) NOT NULL DEFAULT '0',
    username varchar(40) NOT NULL,
    password varchar(100) NOT NULL, <-- Encrypted
    emailaddress varchar(100) NOT NULL,
    firstname varchar(50) NOT NULL,
    lastname varchar(50) NOT NULL,
    company varchar(50) NOT NULL,
    level varchar(20) NOT NULL DEFAULT 'Client',
    status varchar(20) NOT NULL DEFAULT 'Active',
    vcode varchar(64) NOT NULL,
    loginalert int(1) NOT NULL DEFAULT '1',
    created int(100) NOT NULL,
    lastlogin varchar(100) NOT NULL DEFAULT '0',
    rsmaxvps int(11) NOT NULL DEFAULT '0',
    rsmaxdisk varchar(250) NOT NULL DEFAULT '0',
    rsmaxmemory varchar(200) NOT NULL DEFAULT '0',
    rsmaxuser varchar(200) NOT NULL DEFAULT '0',
    rsmaxipv4 varchar(200) NOT NULL DEFAULT '0',
    rsmaxipv6 varchar(200) NOT NULL DEFAULT '0',
    rsmaxburst varchar(200) NOT NULL DEFAULT '0',
    rsnodegroup varchar(255) NOT NULL DEFAULT 'none',
    rsopenvz int(1) NOT NULL DEFAULT '0',
    rsxen int(1) NOT NULL DEFAULT '0',
    rsxenhvm int(1) NOT NULL DEFAULT '0',
    rskvm int(1) NOT NULL DEFAULT '0',
    rsnodegroups text NOT NULL,
    rsmaxbandwidth varchar(200) NOT NULL DEFAULT '0',
    unameprefix varchar(20) NOT NULL,
    mediagroups text NOT NULL,
    lang varchar(30) NOT NULL DEFAULT 'English',
    dnsid int(11) NOT NULL DEFAULT '0',
    rsdefcpu int(6) NOT NULL DEFAULT '4',
    PRIMARY KEY (clientid)
    ) ENGINE=MyISAM AUTO_INCREMENT=6170 DEFAULT CHARSET=latin1;

  • erhwegesrgsrerhwegesrgsr Member

    @fisle said: 59? select COUNT(name) FROM nodes; returns 56. :o

    Chance you can get the specs and the typical amount of 2GB's per node?

  • MunMun Member

    @Radi said: @Mun you said you saw yourself.

    @fisle Check your PMs.

    For only mine, I didn't see the whole dump.

  • erhwegesrgsrerhwegesrgsr Member

    @Radi said: Check your PMs.

    He isn't going to send it to someone with 36 comments if he's right minded.

  • DalCompDalComp Member

    @fisle said: 59? select COUNT(name) FROM nodes; returns 56. :o

    Not 150? Think they posted that number on some thread...

  • erhwegesrgsrerhwegesrgsr Member

    @DalComp said: Not 150? Think they posted that number on some thread...

    he did in the cvps lost mind thread

  • MunMun Member

    @DalComp said: @fisle said: 59? select COUNT(name) FROM nodes; returns 56. :o

    Not 150? Think they posted that number on some thread...

    I think they meant 150 (VPS's) and not 150 Active clients.

    At the time of the dump I had 4.

  • fislefisle Member

    @BronzeByte said: Chance you can get the specs and the typical amount of 2GB's per node?

    Table vservers has 3968 rows, though.

    @DalComp said: Not 150? Think they posted that number on some thread...

    56 in that DB.

    And no, I don't feel comfortable tossing the DB around.

  • Random_DudeRandom_Dude Member

    @Mun said: password varchar(100) NOT NULL, <-- Encrypted

    So passwords are just hashed without a salt? What kind of hash is it?

  • MunMun Member

    @Random_Dude said: @Mun said: password varchar(100) NOT NULL, <-- Encrypted

    So passwords are just hashed without a salt? What kind of hash is it?

    I can't fully determine with the info I got, but it isn't in plain text.

  • vldvld Member

    From the IRC HTML paste spam, some stats:
    2042 clients, 2509 VMs, 35 nodes

    Seems like all VM root passwords are in there, and about 35% of the solus web login password hashes are bruteforced

  • erhwegesrgsrerhwegesrgsr Member

    @CVPS_Chris said: Over 150 physical servers

    http://www.lowendtalk.com/discussion/comment/199748#Comment_199748

  • MunMun Member

    @vld said: From the IRC HTML paste spam, some stats:

    2042 clients, 2509 VMs, 35 nodes

    Seems like all VM root passwords are in there, and about 35% of the solus web login password hashes are bruteforced

    In that db dump, the one I was shown had nothing about the root password of the server.

    ..... anyway you might be able to check against a said value for me?

  • fislefisle Member

    @vld said: From the IRC HTML paste spam, some stats:

    2042 clients, 2509 VMs, 35 nodes

    According to this it is 2859 clients, 3968 VMs, 56 nodes

  • fislefisle Member

    @Mun said: In that db dump, the one I was shown had nothing about the root password of the server.

    VM data are in another table, not in the 'clients' but 'vservers'. There are hostnames, encrypted root passwords, IP addresses. I just noticed this. Woah.

  • vedranvedran Veteran
    edited February 2013

    @vld said: Seems like all VM root passwords are in there

    Root passwords are also hashed I hope?

    Also, why is solus even storing root passwords?

  • vldvld Member

    @vedran said: Root passwords are also hashed I hope?

    No, cleartext all of them. The only "encrypted"/hashed data is the solusvm web login password, which is sha1

  • DamianDamian Member

    @vedran said: Also, why is solus even storing root passwords?

    Convenience; it attempts to re-assign the root password after it reinstalls the OS. I would really prefer that it did not; i've actually thought about linking the rootpassword column to a BLACKHOLE-powered table.

  • RyanDRyanD Member

    @fisle if that link is indeed from November, it very well is possible they have 150 NOW ;)

  • RyanDRyanD Member

    @Damian

    best practice would dictate that they are randomized on creation. Provided to the user and then subsequently not stored.

  • DamianDamian Member
    edited February 2013

    @RyanD said: best practice would dictate that they are randomized on creation. Provided to the user and then subsequently not stored.

    Well, true best practice would be that they're randomized, but then not provided to the user either; the user must enter their desired root pass, which never gets stored. This way it never appears in emails, etc.

  • fislefisle Member

    @RyanD said: @fisle if that link is indeed from November, it very well is possible they have 150 NOW ;)

    Heh, might be so :-)

    @vld said: No, cleartext all of them.

    The root passwords are all hashed in the database OP linked. Atleast in vservers table. Am I missing something?

This discussion has been closed.