Results 1 to 7 of 7
Thread: WHMCS 5.2.8 Critical Bug Fix
-
10-09-2013, 07:11 AM #1Technology Consultant
- Join Date
- Feb 2013
- Posts
- 657
WHMCS 5.2.8 Critical Bug Fix
Hello,
How did you found out, if your database was compromised through this bug ?
Is there any way to detect this ?█ IT
█ Is Nice.
-
10-09-2013, 07:22 AM #2Another way to check is via the Activity Log. This can be accessed via the admin area by navigating to Utilities > Logs > Activity Log. Again here you're looking for any references that contain the keyword "AES_ENCRYPT". If you see them, then somebody has attempted to use the exploit on your system.~]# Ethernet Servers Ltd - Est. 2014! - sales @ ethernetservers.com
~]# Try out our WordPress speed tests for yourself!
~]# NVMe Web Hosting | Unmanaged VPS | Fully Managed VPS | Dedicated Servers | Domain Names
~]# Don't settle for any less than the very best - come & join our family today!
-
10-09-2013, 10:11 AM #3Web Hosting Master
- Join Date
- Jan 2003
- Location
- SLC
- Posts
- 2,278
Look at your newest users (especially ones with no services)
Note: if you were running the latest mod security rules from got root you were in no danger
-
10-09-2013, 01:03 PM #4Quality Web Hosting Matters
- Join Date
- Mar 2006
- Location
- Servers
- Posts
- 1,590
Search WHMCS activity log for:
AES_ENCRYPT
Also install mod_security with latest Atomic rules , they have the rule blocking this WHMCS exploit.█ QHoster.com - Web Hosting with DDoS Protection | Shared & Reseller in Europe/North America
█ Linux/Windows RDP VPS 13 Locations : UK, US (5 states), Mexico, Canada, Bulgaria, Lithuania,
█ Italy, France, Germany,Netherlands, Switzerland, Rissia, Singapore | OpenVPN/PPTP Enabled
█ INSTANT | PayPal, Skrill, Payza, Bitcoin, WebMoney, Perfect Money, Ukash, CashU, paysafecard
-
10-09-2013, 04:09 PM #5Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
-
10-09-2013, 04:17 PM #6Web Hosting Master
- Join Date
- Jan 2003
- Location
- SLC
- Posts
- 2,278
I would believe that is incorrect
with the exploit only thing accessible was the user info 403 denied for the sql injection.
you would still see the attempt "AES_ENCRYPT" in the WHMCS logs
-
10-09-2013, 04:34 PM #7Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
Similar Threads
-
PHP 5.3.9 Critical Bug - Patch now
By Ramprage in forum Hosting Security and TechnologyReplies: 62Last Post: 02-08-2012, 01:07 PM -
Please help me fix this z-index bug
By ThatScriptGuy in forum Web Design and ContentReplies: 10Last Post: 07-10-2010, 11:25 PM -
CSS bug how to fix this?
By w3bdesign in forum Web Design and ContentReplies: 3Last Post: 08-27-2007, 11:00 AM -
How to fix Drive Critical
By vietkool in forum Hosting Security and TechnologyReplies: 13Last Post: 12-14-2004, 12:13 AM -
IS There is a way to fix CGI BUG!??
By hostcost in forum Hosting Security and TechnologyReplies: 1Last Post: 06-24-2003, 08:20 AM