Thread: Another WHMCS exploit
-
10-18-2013, 02:19 PM #1Junior Guru Wannabe
- Join Date
- Sep 2011
- Location
- USA
- Posts
- 61
Another WHMCS exploit
Looks like another WHMCS exploit just came out, take down your WHMCS installs now! This exploit is for the latest 5.2.8 code. Source is same as last time
-
10-18-2013, 02:20 PM #2Junior Guru Wannabe
- Join Date
- Jul 2013
- Posts
- 52
Do you have some more information?
-
10-18-2013, 02:27 PM #3Junior Guru Wannabe
- Join Date
- Mar 2011
- Location
- Scotland
- Posts
- 94
Yep - same source, it's out there if you know what to search for. Not recommended that anyone posts the link, as it will play into the hands of those who want to cause havoc.
We have locked down our billing install for now.
-
10-18-2013, 02:48 PM #4Junior Guru Wannabe
- Join Date
- Mar 2011
- Location
- Scotland
- Posts
- 94
Hopefully find out shortly what's going to happen!
"Hello,
Thank you for the notification. We are currently aware of this and verifying if it is legitimate now. If it is a confirmed vulnerability then a patch will be released immediately.
If you have any other questions, please let us know and we will be happy to help!
Regards,
Don R.
WHMCS Support Staff Member"
-
10-18-2013, 02:49 PM #5Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
-
10-18-2013, 02:50 PM #6Junior Guru Wannabe
- Join Date
- Mar 2011
- Location
- Scotland
- Posts
- 94
-
10-18-2013, 02:51 PM #7WHT Addict
- Join Date
- May 2013
- Posts
- 151
This WHMCS guy has to be put in jail
-
10-18-2013, 03:03 PM #8Retired Moderator
- Join Date
- Oct 2010
- Posts
- 5,079
If the decrypted source code is genuine, this is an unbelievably massive hole.
Why will they not get an external audit run on their code? The explanation they published about the last exploit did not say anything about what they do to prevent similar exploits in future.
Not as active on WHT as I used to be, but still drop in and receive email notifications from here.
My personal blog site: https://www.oakleys.org.uk/blog
-
10-18-2013, 03:08 PM #9Web Hosting Master
- Join Date
- Aug 2007
- Posts
- 2,157
I like WHMCS, I really do, but they are stumbling a lot lately. I'd like Rack911 to do a full audit on their software.
█ Bobby - PreciselyManaged.com - Precision Hosting Solutions
█ Enterprise Shared, Reseller, VPS, Hybrid, and Dedicated Hosting
█ SpamExperts | CloudLinux | cPanel | Bacula + R1soft | and more!
█ Full proactively managed, and we specialize in hosting small web hosts
-
10-18-2013, 03:10 PM #10Disabled
- Join Date
- Dec 2010
- Location
- 127.0.0.1
- Posts
- 5,732
This is the worst thing I have ever heard, if it's been removed by PHP there has to be a reason behind it. Don't re-create it.
-
10-18-2013, 03:11 PM #11WHT Addict
- Join Date
- Jun 2012
- Posts
- 109
This is getting crazy. Are they even serious about their product?
I mean, we can't just disable our billing systems all the time because of a software with exploits?
There has to be an alternative! WHMCS - is going down the hill
██ ElitePixels.net - Web Design / Re-Design Services
██ Experts in Web-Hosting Designs
██ http://www.twitter.com/elitepixelsnet
-
10-18-2013, 03:18 PM #12Junior Guru Wannabe
- Join Date
- Aug 2011
- Posts
- 54
Turned recurrent WHMCS, every week has a security flaw.
Why guys do not just revise the system at once or simply hire an external audit.
And none of them give any public position.
Expect some will be harmed installation, to take any action.
Cheap VPS in Brazil - Equinix SP1 Data Center
Coming soon.
-
10-18-2013, 03:20 PM #13
Interesting this new one was released while WHMCS/CPanel folks are attending a summit (according to the Twitter feed). Wasn't the first one released during another get together?
Your one stop shop for decentralization
-
10-18-2013, 03:21 PM #14Web Hosting Master
- Join Date
- Feb 2004
- Location
- Toronto
- Posts
- 2,308
VimHost >> 30 Days Backup | cPanel + LiteSpeed + JetBackup | DMCA FREE!
20 Years in business ~ Premium Hosting in Toronto, Canada ~ 151 Front Street (Canadian owned and operated)
-
10-18-2013, 03:25 PM #15WHT Addict
- Join Date
- May 2013
- Posts
- 151
So that means those guys who know the security hole right now can access all people's site?
-
10-18-2013, 03:25 PM #16Build It Better!
- Join Date
- Dec 2002
- Posts
- 5,448
If those discovering the exploits were looking to have the largest measure of success on the WHMCS installations out there, then it would make sense to time the release of an exploit when a fix might take the longest to develop.
The more folks at the conference the less folks there are back at an office working on a patch...
-
10-18-2013, 03:27 PM #17Retired Moderator
- Join Date
- Oct 2010
- Posts
- 5,079
It's time to ban attending conferences. Spend the air fares on code audit instead.
-
10-18-2013, 03:27 PM #18Web Hosting Master
- Join Date
- Apr 2002
- Posts
- 1,789
I haven't seen it mentioned, but I'm assuming this exploit also affects WHMCS v5.1.10, is that correct?
The last exploit affected both 5.1 and 5.2 and I'm given to understand that this exploit follows a similar path as that exploit, so I'm assuming that it affects the 5.1 release tree as well. But thus far I've only seen it mentioned that this affects the 5.2 release tree.
-
10-18-2013, 03:28 PM #19Web Hosting Master
- Join Date
- Jul 2010
- Location
- ~/
- Posts
- 1,382
Annoying.
It is obvious that they don't care and are happy to patch on fail only rather than take a proactive audit.
I STRONGLY urge everyone to open a ticket with WHMCS that uses it stating something like.
"I am very disappointed to learn that a completely avoidable hole was found in your commercial software, once again you have put my business and the business of many others at risk without good reason.
Please accept this as a formal complaint, I request 3 months worth of credit as compensation and insist that a proactive audit is carried out at your expense by a qualified third party."
Insist it gets escalated to management.
Really, they need to be hit with 1000's of such requests or they simply will not change, mine has gone in.
█ -> INCEPTION HOSTING LIMITED Since 2010!
█ -> I am most active on the lowendspirit hosting forum Come join us!
█ -> PHOENIX USA & THE NETHERLANDS & UK EU
-
10-18-2013, 03:28 PM #20Managed VPS Experts
- Join Date
- Nov 2007
- Location
- New Jersey, USA
- Posts
- 4,740
I've been reading on various forums about this, why would someone post a link to the actual exploit? Not a lot of people know the website that this is posted on, posting it on forums will just make it worse!
- Daniel
-
10-18-2013, 03:31 PM #21
The fact they're being released publicly at all makes me wonder if this is more punitive or intentionally harmful rather than "ordinary" hacking efforts. I'd suggest most hackers that are in this for gain would keep it quiet and use it to grab data, servers and so on. To release publicly, and in a mocking, public "name and shame" manner feels like it's to be destructive to the brand than to brag to others in that community or for financial gain and so on.
Just me, maybe.
Your one stop shop for decentralization
-
10-18-2013, 03:34 PM #22Web Hosting Master
- Join Date
- Jan 2012
- Location
- Glasgow, Scotland
- Posts
- 607
Guess it's time to consider moving to another billing solution, it's been 15 days since last time.
██ HostUS - Premium Hosting Made Affordable
██ TEN Worldwide locations spanning USA, Europe & Asia Pacific
██ Own ASN, Own Network, Own IPs - AS7489 & AS25926
-
10-18-2013, 03:34 PM #23Managed VPS Experts
- Join Date
- Nov 2007
- Location
- New Jersey, USA
- Posts
- 4,740
Does HostBill own the website that is releasing these exploits, hahaha.
We have shut down our WHMCS until this is fixed.
- Daniel
-
10-18-2013, 03:35 PM #24Disabled
- Join Date
- Dec 2010
- Location
- 127.0.0.1
- Posts
- 5,732
-
10-18-2013, 03:38 PM #25WHT Addict
- Join Date
- May 2013
- Posts
- 151
poor people who are victims