nextcloud security issue?
January 19, 2023, 15:08
found out that a random guy created an account on my cloud and managed it somehow to dump a 60GB file called "all_in_one.7z" into it(the account is limited to 10GB) and that file does not show up in the user table, should i take that serious or is that just a file with manupilated metadata or dmth like that?
Better hope that's not some poison pill content in there...
Could be someone who runs the data centers for nextcloud performing an attack which causes nextcloud to spend more than budgeted for virtual storage space.
Or maybe a nextcloud competitor
Or maybe the manufacturer of physical hard drives performing the attack
Or the illuminati
More likely to just be some kind of porn, tho
Also
Don't assume pronouns
How do you know it was a guy?
Also, don't assume stochastic nature, either.
How do you know it was random?
🙃
Good thing it wasn't some illegal content in there and was just a joker.
That'll teach you to play with unknown code outside of a sandbox!
Don't execute....anything. ever.
Nothing you didn't write for yourself.
first, how did he find your nextcloud url? "secure" it with a subdirectory
second, why can random people create accounts on your nextcloud instance?
Since this happened from a "random guy", one can only assume that he got his access randomly.
In terms of answering your second question...
That's because privacy and data security is a joke.
Either this was a random cred-stuffing attack leveraging a pw list, or an attack against nextcloud, leveraging a vulnerability in the service, or a direct attack against the OP leveraging a key logger on his system.
Or perhaps the OP has his nextcloud configured to accept writes from random dudes.