Changed host keys message
Apr 12 2023
A few weeks ago we changed and modernized our SSH server config a little. As a side-effect of this some people are getting a message that host keys have changed when logging in. Technically they have not changed, but there's a chance your client is now selecting a different algorithm which means it's getting a different key fingerprint. If you want to make sure you're getting the correct fingerprint you can enable SSHFP DNS records checking if your SSH client supports it (VerifyHostKeyDNS option for OpenSSH). Failing that, a less secure but not completely absurd fallback is to check the key fingerprints manually against those listed on our wiki.
Disable/remove option split for Apache Vhosts
Jun 6 2022
We've added an extra option to disabling an Apache Vhost. Previously disabling the vhost would also remove the files in that Vhosts documentroot. There are now two options: "disable" and "remove". The "disable" option will leave any files in your documentroot in place and only disable the Apache config to make the site unavailable. The "remove" option will make the site unavailable and remove the files on disk. Both options can be found in the "Apache" section of the "manager" command. Hopefully you will find this a useful addition to your workflows.
Support for containers
Apr 11 2022
You can now run OCI compatible containers (ie. docker containers) on our server. This has been implemented using podman, a (mostly) docker compatible container runtime. Any individual docker container build or run should work. Anything that uses the docker socket to talk to the docker daemon directly will not work. Currently there is not yet any good "docker compose" like function available that works with our podman setup but we will continue to look out for such a solution.
Disk quota for SSD storage raised
Jan 3 2022
The storage quota for the main SSD storage array has been raised from 5GB to 10GB per user. The coldstorage continues to not have any quota set.
New website is live
25 Oct 2021
We've launched our new website! Don't see a difference? That's fine. Is it actually better than the old site? Nobody knows. I mostly re-wrote it for fun rather than any practical necessity.
Newer hash database is here
We've had a database of md5 and sha1 hashes for some time but we have now expanded the password list it was built with, as well as added sha256 hashes.
It now contains 1012039833 passwords and their md5, sha1, and sha256 hashes.
You can query it here.
For more info, see the wiki page.
We have also released the source code for the API interface as well as the generator script we wrote for the purpose.
Update: The database now contains 1425466767 passwords, and there's still some password dumps left we need to process.
Released bmp encoder
We've just released a simple Ruby script that allows any arbitrary data to be stuffed into a valid .bmp image. It's something we needed for a small project but who knows, it may be useful to you too. You can find it over on our Gitlab.
Corporate espionage game
Who doesn't enjoy some good corporate espionage?
Go play! You can also track your progress on our old hacking challenges there.