Hosting hacked

On November 15th around 10:06 PM UTC the hosting server was logged in to via phpmyadmin and adminer with the correct hosting management password and deleted all accounts. Noteworthy, also the account "root" has been deleted, which was injected into the database at 10:53 PM UTC and deleted at 12:50 AM, shortly after remaining databases from the chat, link list and hit counter got deleted. Unfortunately it is not possible to find the root cause by log analysis as on 14th at 5:33 the database had already been accessed with this user and it is unknown for how long the hackers may have had access to the database due to rotating logs frequently. However the database password was last updated on October 20th, which indicates that the hack must have happened within the last month. To this day around 6500 Hidden Services were hosted on the server. There is no way to recover from this breach, all data is gone.

The scripts are open source on github and anyone is welcome to take it as a base to build a new hosting service or contribute.

Although there is no proof, I believe this severe security vulnerability recently fixed in phpMyAdmin is how the hackers gained administrative database privileges: https://www.phpmyadmin.net/security/PMASA-2018-6/ - this shows that separating 3rd party tools from my own code with e.g. chroots is very much needed.

Not affected are the mail and XMPP service, as well as the static content and the short-link service, which were hosted on my Raspberry Pi 3. The chat is restored with a fresh installation and other services will be back up soon. I expect to get the hosting back up in December (NOT on December 1st). In the meantime, http://fhostingineiwjg6cppciac2bemu42nwsupvvisihnczinok362qfrqd.onion is a good alternative.

To stay updated about the development, check here: https://github.com/DanWin/hosting


Hello, my name is Daniel and this is my personal onion site, that I develop in my free time. This site is available as TOR hidden service, I2P Hidden Service or via my clearnet proxy danwin1210.me.

This is just the landing page, you can navigate to the pages that interest you most by clicking on the entries in the navigation bar on the left.

You can download my PHP Chat based on LE-CHAT on GitHub. The onion link list script is now also available for download on GitHub. The setup I use for hosting is now also available on GitHub

If you like, what I built here, you can support me by donating via PayPal: d@winzen4.de, Monero: 432Z3PTrRso52GHHpmPRpvLhecsnc7EFsVd2TzsCJaNmK4vivDxghRB5yVCj2nzCEGajeF3rBqJ43PcpxRnvZkMs49fufzD , Ethereum: 0xFbd055EEeA3b5a3459FeC6A8FAe631305b1079A0 , Dash: XuZGhWsmf61UXTwBB4QBKx7BhirPjiw7yX or Bitcoin: 1CHvjeMJum2Zfd3JEdb35RUEdz1jjQvdPT