UnamWebPanel
Again SECURITY BREACH THE SAME GUY HACKING PANELS XSS URGENT
Unam please look at this
the same guy hacked panels again and it's getting an XSS ATTACK
PLEASE CHECK
THIS IS the miner emulating connection
Please post the database (or send it to [email protected]), might've missed some escape in the formatting section since I'm not able to test it at the moment.
Sending right now, for now I'm seeing some logs on unam lib
this is honestly getting out of hand dude, there's so many security issues and they've been happening for months, when is this finally going to end? webpanels have been hacked many times now.
There is only the XSS issue that has been reported, except for those that weren't clearing their error logs. If you have any other issues please report them. I can't fix something that I have not been made aware of.
I send You the DB AND THE error files Unam please check it
Aha, the sneaky bastard put the XSS script inside the hashrate reporting.
u see ? i send u :D
Yes I saw it, it seems like he started putting the script inside the hashrate reporting now. Here's an updated one that does sanitization on every input, please check if it works correctly since sadly I cannot test at the moment: UnamWebPanel.zip
testing right now
I checked that I put the whole folder and set the correct permission, also I rebooted the Apache server and deleted the old session and still that error :/
Can you post the database if it's not empty? I'm currently doing this all (responding and coding) on my phone so it's hard to test it myself.
give me a sec, I deleted the whole project and am rebuilding again bro, give me a sec
okay I reinstalled and now it is up and running, let's see if it is hacked again bro, I'm watching :D
Okay for now it's working great, changed password and deleted old session, hope this helps to prevent future hackings unam, thanks for your FAST response, I really appreciate it :)
Alright great, thanks for the fast report and testing.
Be aware that they are still trying to gain access to panels, now a new IP appears
Yes they will probably still try different ways of doing so, though none of it should work anymore.
2mhs was gone and I downloaded and installed the panel again but it was still gone :(
All miners will always return to their original configuration on their next restart, so on their next restart they should reappear.
I deleted the worker that he connected to me and after deletion, the versions of the workers stopped being displayed in the web panel. I had to delete the old database again and download a new one.
Please send your database here or to [email protected], it's possible that I might need to set ENT_QUOTES and 'UTF-8' as well for the sanitization if they are using that as a workaround.
dude I'll do it but this is the 3rd day in a row of this happening, and dude obviously can't be that smart, he's fucking mining xmr and not zeph, he's not even stealing the gpu workers too.
Yes XSS attacks are pretty simple to execute, especially nowadays with ChatGPT and others, currently I'm working on the next version which is a rewrite of most of the code while also working on a lot of real life work. Here's the latest hotfixed version for the current version at least: UnamWebPanel.zip, though I can't know what they did for your panel without seeing the database entry.
Alright, try with the latest version I sent in the previous message, looks like he might actually be doing it since ENT_QUOTES wasn't set previously (the previous one I had to code on my phone).
The one I just posted, the previous one I had to code on my phone since I didn't have a computer so I missed escaping single quotes (') by explicitly setting ENT_QUOTES, which is what I believe he's using to attack now.
He stole all the workers, the panel better not be used.
If I connect my miner to the panel, it immediately goes offline and does not come on again.
what causes this?
Maybe because it double escapes? I'm currently in a meeting but I'll try to test it. And if the people sending death threats to my email are reading this then please stop, it makes it harder to help with all the messages.
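An added illustration of the two points raised in the comments above (missing `ENT_QUOTES`, and double escaping); it is not part of the thread and not UnamWebPanel's code. The helper names `e()` and `parse_hashrate()`, the sample values, and the assumption that a hashrate is a plain decimal number are all hypothetical.

```php
<?php
declare(strict_types=1);

// Constructed sample value standing in for a miner-reported text field.
$reported = "worker's rig <b>";

// ENT_COMPAT was the default flag set before PHP 8.1: it encodes < > & and "
// but leaves ' as-is, which matters inside single-quoted HTML attributes.
$compat = htmlspecialchars($reported, ENT_COMPAT, 'UTF-8');

// Hypothetical helper: encode once, at output, with quotes and charset explicit.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Escaping when the value is stored and again when it is rendered turns the
// & of the first pass into &amp;, so the page shows entity text and any code
// comparing the stored string to the original no longer matches.
$once  = e($reported);
$twice = e($once);

// Hypothetical validator: assumes a hashrate is a plain non-negative decimal.
// Anything else (markup included) is rejected instead of being cleaned up.
function parse_hashrate(string $raw): ?float
{
    $raw = trim($raw);
    if (preg_match('/^\d{1,15}(\.\d{1,6})?$/', $raw) !== 1) {
        return null;
    }
    return (float) $raw;
}

printf("ENT_COMPAT : %s\n", $compat);
printf("once       : %s\n", $once);
printf("twice      : %s\n", $twice);
printf("stored == original after two passes: %s\n",
    html_entity_decode($twice, ENT_QUOTES, 'UTF-8') === $reported ? 'yes' : 'no');
foreach (['1520.75', '2e3', "12'", '<b>9</b>'] as $sample) { // constructed inputs
    $parsed = parse_hashrate($sample);
    printf("%-10s -> %s\n", $sample, $parsed === null ? 'rejected' : (string) $parsed);
}
```

Storing the raw value and calling the encoder only where it is written into HTML avoids the second pass; validating numeric fields by type removes the need to escape them at all.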
It doesn't steal workers from me and doesn't change the configuration of workers. It just disables some functions of the web panel for me and that's all, but the workers work on my configuration.
and the version unam sent me after the 3rd apparent fix is not even working
Seems like only the full row output for formatting wasn't working, the one I asked to test the panel didn't notice since theirs were on "Starting" (which has priority over the full row output calculation), try this one: UnamWebPanel.zip, I'm in a meeting at work and the person I asked to test for me is doing it quite slowly so please tell me if there's anything wrong.
another hacking? damn the hacker are busy damn updating right now