Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

WHMCS Hacked

WHMCS Hacked

AsimAsim Member
edited May 2012 in General

Visit WHMCS.COM for yourself to see

Tagged:
Thanked by 1Francisco
«13456716

Comments

  • Woah, this is going to put every WHMCS install at risk.

    The Original Daniel.

  • JackJack Member

    Hmm.. I aint paying my next invoice with them!

    2nd hack in 6 months ^_^

  • The guy that hacked it is going to post the entire database.

    https://twitter.com/#!/joshthegod/status/204595003379548160

    Shitz.

    The Original Daniel.

  • AldryicAldryic Member

    @Daniel said: Woah, this is going to put every WHMCS install at risk.

    Except for those of us that put in the extra effort making sure our stuff's secure. I'd recommend that the providers here get with @vld and his company to schedule consultation/pen testing.

  • JackJack Member

    @Daniel said: The guy that hacked it is going to post the entire database.

    https://twitter.com/#!/joshthegod/status/204595003379548160

    Shitz.

    LUL all i can say

  • MrAndroidMrAndroid Member
    edited May 2012

    @Aldryic said: Except for those of us that put in the extra effort making sure our stuff's secure. I'd recommend that the providers here get with @vld and his company to schedule consultation/pen testing.

    What I mean is, who know what backdoors WHMCS has just for "their" use.

    or delete all the licenses, causing WHMCS installs to bork.

    The Original Daniel.

  • JackJack Member

    @Daniel said: What I mean is, who know what backdoors WHMCS has just for "their" use.

    Maybe they had a shell uploaded since December 1st attack?

  • They were hacked by the "Ex-Leader of Lulzsec".

    Ouch.

    The Original Daniel.

  • @Jack said: Maybe they had a shell uploaded since December 1st attack?

    Christ boss, I would have hoped their demo box, company billing & main website were all on different boxes for that very reason.

    Francisco

    BuyVM - OpenVZ & KVM Based / TUN + PPTP + FUSE+ SIT + GRE Support / Fully Managed / Anycast Support! / Stallion Control Panel
    BuyShared - Shared & Reseller Hosting / cPanel + Softaculous + CloudLinux / Pure SSD! / Free Dedicated IP Address
  • @Daniel said: They were hacked by the "Ex-Leader of Lulzsec".

    Ouch.

    You sure? I thought the dude was a snitch for the FBI now...

    Francisco

    BuyVM - OpenVZ & KVM Based / TUN + PPTP + FUSE+ SIT + GRE Support / Fully Managed / Anycast Support! / Stallion Control Panel
    BuyShared - Shared & Reseller Hosting / cPanel + Softaculous + CloudLinux / Pure SSD! / Free Dedicated IP Address
  • JarJar Member

    Do my eyes deceive me? It's not April 1st. This may fuel some discussion about alternatives today.

  • @Francisco said: You sure? I thought the dude was a snitch for the FBI now...

    https://twitter.com/#!/joshthegod

    The Original Daniel.

  • JackJack Member

    image

  • @jarland said: Do my eyes deceive me? It's not April 1st. This may fuel some discussion about alternatives today.

    Maybe it was HostBill!

    The Original Daniel.

  • JackJack Member

    someone forgot to remove the direct-connect for cloudflare :D

    Thanked by 1TheHackBox
  • yomeroyomero Member

    Hmmm, someone has a pic? xD Now I see just a blank page :D

  • JackJack Member

    it redirected to http://www.ugnazi.com/ @yomero

  • JackJack Member
    edited May 2012

    @Francisco the site's hosted on your favourite network! AS16276 176.31.0.0/16 Ovh Systems Address has 5 hosts associated with it.

  • JackJack Member

    @Francisco said: Christ boss, I would have hoped their demo box, company billing & main website were all on different boxes for that very reason.

    Don't be silly...

    Matt can't code so why would they put it on different boxes costs to much haha

  • AsimAsim Member

    I got a Video

    I really need to get sometime to code my own system and get rid of WHMCS

  • FranciscoFrancisco Member
    edited May 2012

    @Jack said: @Francisco the site's hosted on your favourite network! AS16276 176.31.0.0/16 Ovh Systems Address has 5 hosts associated with it.

    Not really surprised, OVH is huge.

    Francisco

    BuyVM - OpenVZ & KVM Based / TUN + PPTP + FUSE+ SIT + GRE Support / Fully Managed / Anycast Support! / Stallion Control Panel
    BuyShared - Shared & Reseller Hosting / cPanel + Softaculous + CloudLinux / Pure SSD! / Free Dedicated IP Address
  • JackJack Member

    @Francisco said: Francisoc

    you been drinking again?

  • JackJack Member

    image derp

  • @Jack said: you been drinking again?

    It's 8:45AM and I didn't hit the hay till 4AM :( Give me a break :D

    Francisco

    BuyVM - OpenVZ & KVM Based / TUN + PPTP + FUSE+ SIT + GRE Support / Fully Managed / Anycast Support! / Stallion Control Panel
    BuyShared - Shared & Reseller Hosting / cPanel + Softaculous + CloudLinux / Pure SSD! / Free Dedicated IP Address
  • AsimAsim Member

    Now they are tweeting from WHMCS twitter account? WTF!!

    http://www.whmcs.com Hacked by #UGNazi @UG @ThaCosmo @JoshTheGod @Le4ky @OpAntiGov #UGNazi #OpAntiGov

    https://twitter.com/#!/whmcs/status/204596829042638848

  • JackJack Member

    Is this the end for WHMCS ? :( @Francisco get coding for FranMCS haha

    Thanked by 1Asim
  • @Asim said: Now they are tweeting from WHMCS twitter account? WTF!!

    Maybe they use the same password for servers, accounts, twitter.

  • AsimAsim Member

    @Jack said: Is this the end for WHMCS ?

    Not sure, but this is one big blunder IF its really a security loophole, im scared for my own WHMCS installations :S

  • @Asim said: Not sure, but this is one big blunder IF its really a security loophole, im scared for my own WHMCS installations :S

    Not the only one, what if the security issue was inside the WHMCS software itself.

    The Original Daniel.

  • AsimAsim Member

    @AsadHaider said: Maybe they use the same password for servers, accounts, twitter.

    LOL, I hope not

  • SpiritSpirit Administrator
    edited May 2012

    Is also their twitter hacked? https://twitter.com/#!/whmcs

    WHMCS ‏@whmcs http://www.whmcs.com Hacked by #UGNazi @UG @ThaCosmo @JoshTheGod @Le4ky @OpAntiGov #UGNazi #OpAntiGov Collapse 5:37 PM - 21 May 12 via web · Details

  • PhilNDPhilND Member

    Anyone else bringing down whmcs installations just incase?

    https://nodedeploy.com | Premium VPS Solutions | Managed

  • Great to know that I have my credit card details stored with them.

    @Asim said: LOL, I hope not

    Would explain the access to the server and twitter, I doubt it's an issue with WHMCS and rather just the poor security on their server.

  • JackJack Member

    @PhilND said: Anyone else bringing down whmcs installations just incase?

    I'm thinking about it..

  • key900key900 Member

    Oh shut, Oh :D

    *LetBox.Com Amazing Unmetered + DDoS-Shield Mitigation VPS and Dedicated Boxes.
  • yomeroyomero Member

    @Jack said: it redirected to http://www.ugnazi.com/ @yomero

    Cool

    @Asim said: I got a Video

    And lol at the related videos... "how to hack..."

  • JarJar Member

    @PhilND Also talking about it right now. Better safe than sorry.

  • @PhilND said: Anyone else bringing down whmcs installations just incase?

    I shut my install down.

    FreeVPS.us - The oldest post to host VPS provider
  • Took my install offline as well, better to be safe than sorry until we hear otherwise. :P

  • Holy shit.... I'm taking it down.

  • @dmmcintyre3 said: I shut my install down.

    I'm wondering if these guys will issue a mass suspend on people's licenses?

    Francisco

    BuyVM - OpenVZ & KVM Based / TUN + PPTP + FUSE+ SIT + GRE Support / Fully Managed / Anycast Support! / Stallion Control Panel
    BuyShared - Shared & Reseller Hosting / cPanel + Softaculous + CloudLinux / Pure SSD! / Free Dedicated IP Address
  • JackJack Member

    @Francisco said: I'm wondering if these guys will issue a mass suspend on people's licenses?

    I suggest something comes out asap! I don't want to use WHMCS anymore I don't feel safe with it.

  • PhilNDPhilND Member

    Just taken ours off. Better start doing it guys.

    https://nodedeploy.com | Premium VPS Solutions | Managed

  • @Jack said: I suggest something comes out asap! I don't want to use WHMCS anymore I don't feel safe with it.

    The only alternative was hostbill and they're kinda merrrr from what loveVPS was saying.

    Francisco

    BuyVM - OpenVZ & KVM Based / TUN + PPTP + FUSE+ SIT + GRE Support / Fully Managed / Anycast Support! / Stallion Control Panel
    BuyShared - Shared & Reseller Hosting / cPanel + Softaculous + CloudLinux / Pure SSD! / Free Dedicated IP Address
  • JackJack Member

    I see "Error establishing a database connection" on there site being wordpress?

  • Running ?licensedebug&forceremote on any installation takes it offline, I thought they cached licenses if the server was down for situations exactly like this?

  • JarJar Member

    Compressed, hidden, crippled. So, how's hostbill?

  • TaylorTaylor Member

    Well someone is going to have a sleepless night.

    I know, I'm Dale Maily.

  • @AsadHaider said: Running ?licensedebug&forceremote on any installation takes it offline, I thought they cached licenses if the server was down for situations exactly like this?

    By default WHMCS' authentication software caches for like 4 - 5 days. They had a few times back in their WHMCS 3 days where they had a day+ downtime due to some equipment issues I think?

    Francisco

    BuyVM - OpenVZ & KVM Based / TUN + PPTP + FUSE+ SIT + GRE Support / Fully Managed / Anycast Support! / Stallion Control Panel
    BuyShared - Shared & Reseller Hosting / cPanel + Softaculous + CloudLinux / Pure SSD! / Free Dedicated IP Address
Sign In or Register to comment.