
Comments
Indeed it is
I was replying to a comment where he wrote: im not going to be pentesting for free, ...
So stop taking my words out of context and building a lie to fit your narrative.
Stupid cunt.
The only difference from pentesting would be sending the PoC and writeup to the author.
And I'm not going to be doing that, as it only encourages vibe coders to prompt more and think their app is secure.
On another note, do you always get aggressive for no reason when people point out you are wrong? You seem to have a lot of hate for someone who just had a disagreement online.
When did I start insulting you? lol
Oops, tough crowd. Should’ve posted on Twitter or Reddit.
When you altered my post by removing the quote and twisted what I wrote to mean something else.
The funny part is that both of you are too stupid to understand the difference, both in what you did wrong and the difference between hacking and pentesting.
Pity it's gone from GitHub. It was not that bad for a vibe coder.
It was a catastrophe hosted from a home mini PC. If one can't even vibe input validation and sanitize output, it is just stupidity.
They had access to the terminal; that was the issue. And they could run su, which gave them root access to my Ubuntu server, I mean.
I removed it from GitHub for security reasons so others wouldn't deploy it. But I still have the panel, and it is working well. I secured my server.
I'm glad I had a backup in place. They deleted three WordPress directories. I have everything that they did because the DockPanel kept logs. They tried to remove the logs from the server so that their traces would be gone, but I have everything detailed.
Good luck. Say hi to Claude, I will have a session with it today.
What they destroyed:
- /root/ — bash history, SSH keys, all configs (unrecoverable)
- WordPress core files on 2 sites (~5,800 files)
- ~92,000 WordPress uploaded images across 2 sites
- Stopped a Docker container
What they created:
- 3 backdoor sudo users: serviced, ubuntu24, serverdd
- Set a password on the locked root account
- 8 sites through the panel, nginx configs, fail2ban jails
What they did NOT do: No rootkit, no SSH keys planted, no cron persistence, no cryptominer. Theory: they were evaluating the server for mining, decided it wasn't worth it, and trashed things on the way out.
What saved me:
- Virtualmin weekly backup from the day before — restored WordPress
- Claude Code (AI coding tool) — cleaned up all backdoor accounts and secured SSH before I rebooted
- Audit logging — the panel logged every terminal keystroke
The comeback attempt:
12:27 — Server back online
12:41 — Attacker tries SSH as serviced — "Invalid user" — account already deleted
12:42 — Tries again — fails — gives up
Even AI-generated investigation
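An account audit for the changes listed in the summary above (extra sudo users, a password set on the locked root account), as an added example that is not part of the original posts or of DockPanel. The account names come from the summary; the file contents, the `deploy` allowlist entry and the list of sudo-granting groups are constructed assumptions.

```python
# Added example: sample file contents below are constructed, not taken from the incident.
SUDO_GROUPS = {"sudo", "admin", "wheel"}  # assumption: groups that grant sudo on the host

SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
deploy:x:1000:1000::/home/deploy:/bin/bash
serviced:x:1001:1001::/home/serviced:/bin/bash
ubuntu24:x:1002:1002::/home/ubuntu24:/bin/bash
serverdd:x:1003:1003::/home/serverdd:/bin/bash
"""
SAMPLE_GROUP = "sudo:x:27:deploy,serviced,ubuntu24,serverdd\nwww-data:x:33:\n"
SAMPLE_SHADOW = "root:$6$CONSTRUCTED$notarealhash:20000:0:99999:7:::\ndeploy:!:20000::::::\n"


def rows(text):
    """Split passwd/group/shadow text into field lists, skipping blanks and comments."""
    return [ln.split(":") for ln in text.splitlines() if ln.strip() and not ln.startswith("#")]


def audit_accounts(passwd, group, shadow, allowed_admins):
    """Return (finding, account) pairs for root-equivalent access outside the allowlist."""
    findings = []
    users = rows(passwd)
    # Any UID 0 account other than root is a second root.
    findings += [("uid0", u[0]) for u in users if u[2] == "0" and u[0] != "root"]
    for g in rows(group):
        if g[0] not in SUDO_GROUPS:
            continue
        # Membership comes from the group's member list or from a user's primary GID.
        members = {m for m in g[3].split(",") if m}
        members |= {u[0] for u in users if u[3] == g[2]}
        findings += [("unexpected_sudo", m) for m in sorted(members - set(allowed_admins))]
    for s in rows(shadow):
        # A locked account has a password field starting with "!" or "*".
        if s[0] == "root" and not s[1].startswith(("!", "*")):
            findings.append(("root_unlocked", "root"))
    return findings


if __name__ == "__main__":
    for finding in audit_accounts(SAMPLE_PASSWD, SAMPLE_GROUP, SAMPLE_SHADOW, {"deploy"}):
        print(*finding)
```

On a live host the three arguments would be the contents of `/etc/passwd`, `/etc/group` and `/etc/shadow`, read as root.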
Yeah you better do that dude.
Sudo rights in general for service accounts are not a best practice.
Even if I had access to somebody's terminal, I would not delete/destroy files on a server. That creates bad karma.
Agent offline — the DockPanel agent is not responding.
I stopped it. They tried to take down my server. But I was lucky because the DockPanel I created kept all the logs—I saw everything they did on my server as the panel keeps track of what you do in the terminal. It's a really powerful panel.
The repository URL is not accessible. If you make it public, we’d be happy to contribute. Also, please clarify whether the project is licensed under MIT or Apache 2.0.
@ovexro If you open the installation, I'd like to test it.
I have the repo downloaded, it's MIT.
The DockPanel is really powerful, and I will make it available to GitHub very soon, but it must be secure first. I need to offer proper/updated guidelines for safe use. I also need to be sure that the terminal cannot be used to gain su / root access.
Gives chicken karma indeed. Chickens end up in the frying pan.
aka Cooked
If you’re using russh, you cannot open a channel before completing authentication.
A better approach is to spawn the system ssh client using tokio::process::Command and stream stdin/stdout to the terminal. You can use libssh2 also, providing an unauthenticated interactive terminal session is better.
lmao
Do you know about the Ralph Wiggum loop? Check out https://github.com/anthropics/claude-code/blob/main/plugins/ralph-wiggum/README.md (official repo). It runs Claude Code in a loop until all issues are fixed.
Sounds like it will convert my money to NVDA stock price even faster.
Actually, you don't need a panel if you have AI. Just give your ssh to AI and tell him "deploy this project to the server" and everything works.
Hello, where can I download CockPanel?
Thank you so much! I'm really glad that you shared this with me.
I encourage everyone to learn programming. But I'll make an exception here. Please stop it here for now.
Learn the basics. Learn about security, design patterns. At least learn till the point where you understand what AI is trying to do.
Right now, you have no idea what is going on inside the hood. Even the debug... It has to be given by and interpreted by AI. The panel did nothing to save you... Your weak VPS did, which was probably below standard for the attackers.