New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
WHMCS WebHost License Bypass Loophole
WHMCS is an excellent web hosting billing software. When I googled about WHMCS Free License, I found that the only way to obtain genuine free license is to purchase specified products at WHMCS's cooperative companies like HostGator, Surpass, HostDime and return to whmcs.com to sign up for a Web Host license.
However, after several days' research, I figured out a way to obtain free license without hosting at them, and you can pass the domain verification at http://www.whmcs.com/members/verifydomain.php. you can go to my blog to read more: [link removed]
If you have any question about this just let me know. For test purpose only. 
Thanked by 1Mark_R
Comments
is this legal?
Yeah as I mentioned in the post, this app just simulates a manual request to WHMCS licensing server.
Sorry but this "activation" can only be used on the cracked version of the WHMCS because I believe the actual WHMCS checks on IP periodically to make sure it is the IP you registered with.
So no, it is no way legal.
Yeah this works. Somebody here on LET was selling these licences.
From your blog...
Not legit man.
@GreenVine your script will make WHMCS verified and nothing else. You simply suggesting to null whmcs and activate it through your script.
You'd better post it in summer.
I just want to post this here:
http://lowendtalk.com/discussion/15263/new-lowendtalk-rules-and-guidelines
Sounds fraudulent to me
This is just guide you how to get verified on whmcs.com, did NOT say anything about null the software.
nice guide, thanks.
They are not the same?
Not nulled, just a way for people who haven't purchased WHMCS to do so without a proper license. WHMCS issues those licenses to be used at those providers. By circumventing this your license is no longer valid, the system just hasn't been changed to reflect it yet. The motivation and result is equal to nulled script.
Null the software means to decode and modify its source code. Did I say anything about that?
I would consider this facilitating the activation of illegally obtained software. I reckon a lengthy ban is in order.
While this is indeed illegal in my eyes, instead of arguing on a forum, open a ticket with WHMCS, tell them about all this (i.e. how their system can be circumvented) and they should find a way to fix it.
They even have a bug bounty program now.
Bug bounty? I love the idea of being a bounty hunter!
They even have a bug bounty program now.
I treated this as a bug so I already reported to WHMCS before I post this article.
Well unfortunately for you, I referred them to this thread so they could see the bug in practice. I would assume that as you're clearly promoting this bug, WHMCS won't be very happy with you lol.
Uhm, recently some security guys dissected the underlying API of snapchat and posted the code that could be used by anyone to gather information through that API that was certainly not intended by snapchat. This looks similar. Someone wrote code to communicate via an underlying (undocumented) API with the WHMCS licensing servers, and as a result was able to deduct how the latter could be "convinced" that it is dealing with a legit license request (by using whitelisted IPs from WHMCS partners). That should be easy to detect/prevent by checking the IP of the host that is doing the API queries. Either way, it's definitely different from nulling/modifying a copyrighted software.
big fail on whmcs's side...
Well I already submitted a bug report to them, I hope they can attach importance to this issue:)
and what makes it illegal exactly? You can run whmcs nulled legally in places like iran.
Lol
I do not think this is a illegal activity as we do nothing to WHMCS software itself. Their system has a verification bug which we can bypass it.
Which is called beguilement/deception.
You didn't obtain a right from the owner to use the software. You, however, found out how the owner checks if someone obtained the right to use the software. And you found out that you simply need to provide a valid IP to let the owner think you obtained the right to use the software. So all you do is to provide a valid IP, that you do not have any connection with. And you provide that specific IP with the sole intent to deceive the owner of the software so that the owner thinks you have obtained a right to use the software. Since the owner does only see that you provide a valid IP he does not block your usage of the software. He therefore looses the amount of money from you that you would have to pay to obtain the right to use the software.
That is a classic fraud.
Tell that to Microsoft and those who use the Windows activator
Did you think before you posted this nonsense?
Kind of market strategy LoL
Windows activators usually patch the kernel etc
it is not like abusing a existing bug, you are creating it.
this remains a moral question.. are you going to pay the developers and support them funding their future better products or are you going to be selfish?
You may call it fraud using such a tool / a license acquired through such a tool (depending on where you live) - it's not fraud to discover the loophole and write about it.