can LittleBizzy “takeover” my SlickStack server remotely?
November 14, 2024 at 9:38 am #26940 Patricia (Guest)
because of recent events with WordPress.org and Automattic stealing the plugins from WP Engine I’m wondering if my SlickStack server is protected from any remote takeovers or hacking by LittleBizzy if they suddenly chose to do that.
November 14, 2024 at 9:39 am #26941 Douglas (Guest)
as in, hack into your server SSH/WP Admin?
November 14, 2024 at 9:40 am #26942 Christopher (Guest)
Yes technically LittleBizzy could maliciously alter the bash scripts hosted on GitHub and do things to hundreds of SlickStack servers if they wanted to but it would be publicly documented since all the SlickStack code is open source.
If you are paranoid and want to turn off remote updates of bash scripts, you can simply remove the sections from the root crontab that you don’t want to run automatically.
November 14, 2024 at 9:41 am #26943 Lori (Guest)
> If you are paranoid and want to turn off remote updates of bash scripts, you can simply remove the sections from the root crontab that you don’t want to run automatically.
Or fork the scripts you want to run automatically and update the URLs in the root crontab or ss-functions so they pull from your own repo instead of ours.
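Added example, not part of the thread and not SlickStack code: if you pull from your own fork as suggested above, you can additionally refuse any fetched cron file whose SHA-256 differs from the hash you recorded when you reviewed it. Hash pinning, the manifest format and the names `install_pinned` and `make_demo` are assumptions of this example, which also assumes `sha256sum` is installed.

```shell
#!/bin/sh
# Added example (not SlickStack code). Install fetched cron files only when
# they match a pin manifest with lines of the form: <sha256>  <filename>

# install_pinned STAGING_DIR MANIFEST DEST_DIR
# Returns 0 if every listed file matched and was installed, 1 otherwise.
# A file that fails its pin is rejected and the live copy is left untouched.
install_pinned() {
  staging=$1; manifest=$2; destdir=$3; rejected=0
  while read -r want name; do
    case $want in ''|'#'*) continue ;; esac        # blank lines and comments
    case $name in ''|*/*) echo "SKIP bad name: $name" >&2; rejected=1; continue ;; esac
    got=$(sha256sum "$staging/$name" 2>/dev/null | cut -d' ' -f1)
    if [ "$got" != "$want" ]; then
      echo "REJECT $name: hash does not match pin" >&2
      rejected=1; continue
    fi
    # Write beside the target, then rename, so the live file is never half-written.
    cp "$staging/$name" "$destdir/$name.new" && chmod 0700 "$destdir/$name.new" &&
      mv -f "$destdir/$name.new" "$destdir/$name"
  done < "$manifest"
  return "$rejected"
}

# Constructed demo data: one fetched file that matches its pin and one whose
# content no longer matches (the all-zero pin stands in for a stale hash).
make_demo() {
  d=$(mktemp -d) && mkdir "$d/staging" "$d/live" || return 1
  echo 'echo reviewed job' > "$d/staging/01-cron-minutely"
  echo 'echo changed upstream' > "$d/staging/02-cron-often"
  echo 'echo old job' > "$d/live/01-cron-minutely"
  echo 'echo old job' > "$d/live/02-cron-often"
  {
    printf '%s  %s\n' "$(sha256sum < "$d/staging/01-cron-minutely" | cut -d' ' -f1)" 01-cron-minutely
    echo "0000000000000000000000000000000000000000000000000000000000000000  02-cron-often"
  } > "$d/pins.sha256"
  echo "$d"
}

demo_dir=$(make_demo)
install_pinned "$demo_dir/staging" "$demo_dir/pins.sha256" "$demo_dir/live"
echo "install_pinned exit status: $?"
rm -rf "$demo_dir"
```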
November 14, 2024 at 9:42 am #26944
November 14, 2024 at 9:42 am #26945 Walter (Guest)
very interesting… theoretically which lines would I change
November 15, 2024 at 7:42 am #26947 Sara (Guest)
Little Bizzy can take me over anytime they want 🫦
November 21, 2024 at 10:03 am #26965 Jacob (Guest)
keep in mind that SlickStack.io and LittleBizzy.com also run on vanilla SlickStack directly from GitHub so any malicious code we might “add” to the codebase would also negatively affect our own websites and clients too.
November 23, 2024 at 6:55 am #26966 Barbara (Guest)
> very interesting… theoretically which lines would I change
remove this entire section from your root crontab, if you want to prevent GitHub / LittleBizzy from ever becoming supervillains and taking over your SlickStack server:
####################################################################################################
#### E. Crontab: Self-Healing (Repairs Cron Jobs) ##################################################
####################################################################################################
## this will reinstall SlickStack cron job files in case they are missing or damaged ##
## it is not foolproof so running ss-install occassionally is recommended ##
MAILTO=""
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/01-cron-minutely https://slick.fyi/crons/01-cron-minutely.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/02-cron-often https://slick.fyi/crons/02-cron-often.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/03-cron-regular https://slick.fyi/crons/03-cron-regular.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/04-cron-quarter-hourly https://slick.fyi/crons/04-cron-quarter-hourly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/05-cron-half-hourly https://slick.fyi/crons/05-cron-half-hourly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/06-cron-hourly https://slick.fyi/crons/06-cron-hourly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/07-cron-quarter-daily https://slick.fyi/crons/07-cron-quarter-daily.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/08-cron-half-daily https://slick.fyi/crons/08-cron-half-daily.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/09-cron-daily https://slick.fyi/crons/09-cron-daily.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/10-cron-half-weekly https://slick.fyi/crons/10-cron-half-weekly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/11-cron-weekly https://slick.fyi/crons/11-cron-weekly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/12-cron-half-monthly https://slick.fyi/crons/12-cron-half-monthly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/13-cron-monthly https://slick.fyi/crons/13-cron-monthly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/14-cron-sometimes https://slick.fyi/crons/14-cron-sometimes.txt' > /dev/null 2>&1
53 */3 * * * /bin/bash -c 'chown root:root /var/www/crons/*cron*' > /dev/null 2>&1
53 */3 * * * /bin/bash -c 'chown root:root /var/www/crons/custom/*cron*' > /dev/null 2>&1
53 */3 * * * /bin/bash -c 'chmod 0700 /var/www/crons/*cron*' > /dev/null 2>&1
53 */3 * * * /bin/bash -c 'chmod 0700 /var/www/crons/custom/*cron*' > /dev/null 2>&1
## new line to avoid conflicts ##
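Added example, not part of the thread and not SlickStack code: before removing anything, this shell function lists every job in a crontab dump that fetches a remote file, showing the remote host, the local file it overwrites, and whether TLS certificate verification is switched off. The sample input is constructed from two of the lines quoted above plus a local-only job; `sample_crontab` and `audit_remote_fetch` are names made up for this example.

```shell
#!/bin/sh
# Added example (not SlickStack code): find cron jobs that download a file
# from a remote host, so you can see exactly which lines pull remote content.

# Constructed sample: the MAILTO line, two wget jobs and one chmod job as
# quoted in the thread, plus a trailing comment line.
sample_crontab() {
cat <<'EOF'
MAILTO=""
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/01-cron-minutely https://slick.fyi/crons/01-cron-minutely.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/02-cron-often https://slick.fyi/crons/02-cron-often.txt' > /dev/null 2>&1
53 */3 * * * /bin/bash -c 'chmod 0700 /var/www/crons/*cron*' > /dev/null 2>&1
## new line to avoid conflicts ##
EOF
}

# Reads crontab text on stdin. For every job that runs wget or curl against an
# http(s) URL, prints tab-separated: line number, TLS status, host, local target.
audit_remote_fetch() {
  awk '
    /^[ \t]*#/ { next }                        # comment lines are not jobs
    {
      tool = ""; url = ""; dest = "-"; tls = "tls-verified"
      for (i = 1; i <= NF; i++) {
        tok = $i; gsub("[\047\"]", "", tok)    # drop shell quotes around tokens
        if (tok ~ /(^|\/)(wget|curl)$/) tool = tok
        if (tok ~ /^https?:\/\//) url = tok
        if (i < NF && ((tool ~ /wget$/ && tok == "-O") || (tool ~ /curl$/ && tok == "-o"))) {
          dest = $(i + 1); gsub("[\047\"]", "", dest)
        }
        if (tok == "--no-check-certificate") { tls = "tls-unverified" }
        if (tool ~ /curl$/ && (tok == "-k" || tok == "--insecure")) { tls = "tls-unverified" }
      }
      if (tool == "" || url == "") next
      if (url ~ /^http:\/\//) tls = "tls-unverified"   # plain HTTP has no TLS at all
      host = url; sub(/^https?:\/\//, "", host); sub(/\/.*$/, "", host)
      printf "%d\t%s\t%s\t%s\n", NR, tls, host, dest
    }'
}

# Demo on the constructed sample; on a server use: crontab -l | audit_remote_fetch
sample_crontab | audit_remote_fetch
```

Jobs reported as `tls-unverified` accept whatever any on-path host serves, so they are worth reviewing first, whether you delete them or repoint them at your own repository.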
November 23, 2024 at 6:58 am #26969 Alice (Guest)
you could also prevent ss-check and ss-worker from ever running, since those 2 scripts also retrieve updates from GitHub.
you would do that by editing your cron files under /var/www/crons/ and removing any instances from the cron job files that run those 2 scripts.
for example:
https://github.com/littlebizzy/slickstack/blob/master/crons/02-cron-often.txt
####################################################################################################
#### C. 02-Cron-Often: Validate (Repair) SS-Check + SS-Worker ######################################
####################################################################################################
...
and
source "${PATH_SS_CHECK}"
… instances, etc.
December 23, 2024 at 4:00 pm #27099
December 30, 2024 at 1:38 pm #27172
January 16, 2025 at 12:43 pm #27356 Samantha (Guest)
I blame Matt Mullenweg for you feeling you had to post something like this!!!