• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Constant Plesk Administrator password?

K

knocx

Guest
Weird...interesting and i dont want to believe this....but

we had 2 windows psa servers (7.5.6 & patched) compromised constantly , thus we had abandoned the servers and 1500 domains, discontiniued plesk, this costed us over 30.000USD

I had a post about some vulnerabilities here

http://forum.plesk.com/showthread.php?s=&threadid=31670


But this thing is different , today another hacked company called us , they had 1 win PSA windows server with same settings and they are also compromised several times. he said that the hackers contacted him and told where the breach is.


he says : The hackers caimed that The "Plesk Administrative Account" which is a member of Administrators group has a default password by installation thats how they get in so easiliy,

the company isnt sure if they are talking about Plesk Administrative account or psaadm account.

The question is : Does this Plesk Administrative account or psaadm has a constant password???

I will try to dump the sam database and analyse this, please anyone tries this test, post what you found it here
 
> Does this Plesk Administrative account or psaadm has a constant password???

No. These passwords generate by random algorithm.
Can you contact SWsoft support team for give more information about problem?
 
But, may be you used the cloning for creating new server. In this case passwords can be coincided. For setting new password you can use the following command:
papswd --set --password='new password'
 
Back
Top