1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

WHMCS. Easily Hackable?

Discussion in 'Security' started by AeonGamer, Sep 20, 2008.

0
  1. #1
    I went to check on my hosting site that I am working on getting up. And was shocked to see this: ( Check the site )

    http://buynethosting.com/billing/

    WHMCS was hacked by a group of Iranians.

    Anyone know how this may have happened?. How I can stop this from happening again and How I can fix this?
     
    AeonGamer, Sep 20, 2008 IP
  2. jliu

    jliu Peon

    Messages:
    235
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #2
    jliu, Sep 20, 2008 IP
  3. AeonGamer

    AeonGamer Banned

    Messages:
    416
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #3
    I just found out what they had done. And my friend fixed it. They had found an editable file and loaded it will all their crap.
     
    AeonGamer, Sep 20, 2008 IP
  4. nimhost

    nimhost Active Member

    Messages:
    235
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    58
    #4
    which file ?
    if you post it here other people which use whmcs can fix their installation too :)
     
    nimhost, Sep 20, 2008 IP
  5. jayshah

    jayshah Peon

    Messages:
    1,126
    Likes Received:
    68
    Best Answers:
    1
    Trophy Points:
    0
    #5
    Probably any file with Chmod 0777 when Apache's running as something like DSO or lower if you are running suexec/suPHP.

    Jay
     
    jayshah, Sep 22, 2008 IP
  6. nimhost

    nimhost Active Member

    Messages:
    235
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    58
    #6
    if you running as suPHP, you don't need to chmod the files into 777 :)
     
    nimhost, Sep 22, 2008 IP
  7. jayshah

    jayshah Peon

    Messages:
    1,126
    Likes Received:
    68
    Best Answers:
    1
    Trophy Points:
    0
    #7
    That's exactly what I said:
    :cool:

    Jay
     
    jayshah, Sep 22, 2008 IP
  8. skippy123

    skippy123 Banned

    Messages:
    6
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #8
    mine is not... w w w . blokehost . com
     
    skippy123, Sep 22, 2008 IP
  9. Scorpiono

    Scorpiono Well-Known Member

    Messages:
    1,330
    Likes Received:
    35
    Best Answers:
    0
    Trophy Points:
    120
    #9
    I love having a smart webhoster. :p
     
    Scorpiono, Sep 22, 2008 IP
    jayshah likes this.
  10. MikeB67

    MikeB67 Member

    Messages:
    575
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    35
    #10
    If your copy of WHMCS was nulled check for a back door in it :p
     
    MikeB67, Sep 23, 2008 IP
  11. HostPenguin

    HostPenguin Peon

    Messages:
    68
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #11
    I was thinking of the exact same thing...
     
    HostPenguin, Oct 1, 2008 IP