UnamSanctam / UnamWebPanel

MIT License

Database broken after one worker #316

Closed masterjek closed 8 months ago

masterjek commented 8 months ago

Hello Unam. After a certain time, a worker appears in the web panel, screenshot below. After this worker the database becomes broken. I cannot change the language, select miner configurations, view statistics, or delete workers. When I try to perform one of the above actions, I am simply directed to the authorization window. I delete the old database, copy a new clean one and everything works fine. But over time, this worker appears again, and the IP address is different each time and after its appearance the database becomes corrupted. It turns out that someone is hacking the web panel? But the log folder is empty, there are no errors.

UnamSanctam commented 8 months ago

It's most likely an XSS attack, you can see more here: https://github.com/UnamSanctam/UnamWebPanel/issues/313. There's a version of the web panel there that mitigates it.

masterjek commented 8 months ago

I downloaded the version of the web panel that you recommended in the discussion. But even in it I got a worker who breaks the web panel. Screenshot below.

UnamSanctam commented 8 months ago

Yes, he can still fake a miner connection (since there is of course no way to validate a miner connection as legitimate), but it should not break the web panel since the script isn't being run.

masterjek commented 8 months ago

Can I just delete this entry and the database won't break? Although if I delete it, will it come back again?

UnamSanctam commented 8 months ago

Yes, you can delete it without issue. If he connects again with the fake miner connection then it will appear again; most likely he has a script that contacts your web panel at an interval.

gabjohn3 commented 8 months ago

Check the new update for that security breach here: #317

masterjek commented 8 months ago

Check the new update for this security breach here #317.

Thank you, I installed a new project and am testing it.