Don't use Abraxas (leaked clearnet IP)

Hi,

just browsing some of the markets for fun, after the evo fallout, and I noticed that Abraxas currently shows a clearnet IP in the listings, instead of the onion address.

Whois says the server is located somewhere in the Baltics, open ports are SSH and HTTPS, it responds to ICMP and runs nginx 1.2.1. I didn't poke the server any further, but already pretty shoddy opsec if you ask me.

Since LE will have that information as well, no doubt, I'd stay clear.


Comments


[60 Points] pinkprincess1:

I've manually approved your post. Automod caught the dots, numbers and words onion address and put two and two together and got five!


[10 Points] Jay-__:

Have you disclosed that to their support/its admin, too?

If it's true it seems to be a very critical coding fault, to say the least. Anybody got an account on Abraxas that can confirm?


[7 Points] MLP_is_my_OPSEC:

Default SSH port open

Dear fucking god, talk about "How not to run any secure server 101"


[8 Points] honestlyimeanreally:

shows a clearnet IP in the listings

Could you elaborate?

This is important information, assuming it isn't FUD.


[7 Points] 3point1415926535nine:

yikes... thanks for the heads up


[7 Points] youtakesally:

I couldn't expect much from a market which name is desperately chosen to be in the first position of alphabetical ordered lists.


[3 Points] None:

[deleted]


[2 Points] sharpshooter789:

The owner needs to learn how to setup a hidden service correctly. The server should not respond to any requests not over Tor.

I wonder what types of authentication are permitted over SSH or if root is allowed to SSH.

In any event I would avoid this market.


[1 Points] DarknetWiki:

Thanks for informing the community of this opsec fail.


[1 Points] italktoaliens:

Someone please send me a referral link for abraxas...Agora is down, bummed. thanks. Molecules heal me.


[1 Points] 54yghd:

http://hustler.xp3.biz/annabelle6.gif


[-1 Points] Oracle_DNM:

Hmmm this post reminds of some past-post that looked something like that (it was about Evo, but i will use Black Bank as example):

I work for a hosting company and i just found that Black Bank is hosted on our server, here is my proof! http://i.imgur.com/jb3moTM.png Everybody Run!


[-1 Points] DankNetMarkets:

And how did you find this while the market is down for the last 36 hours or so...? (down or showing some error)


[-5 Points] ___xXx___:

I'm on Abraxas now. How is their clearnet IP being shown? It all looks like .onion addresses to me.


[-7 Points] LawEnforcment:

Thanks for providing so many proofs. /s


[-8 Points] iyf4eeee65e75e75e:

I noticed this too, also agora blackbank and nucleus are showing thier ip's, and now that i look closely enough youre showing your ip too.

look i got proof its right here:

(srsly that the mods approved this level of troll shows how stupid they really are)