Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
WHMCS 5.12 Source Hacked on their website?
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

WHMCS 5.12 Source Hacked on their website?

CoreyCorey Member, Provider
edited January 2013 in General

I just installed a fresh copy of WHMCS 5.12 on a non compromised server - when I login I am redirected to 1&1 with an affiliate string at the end of it. WTF - and I just bought the owned license!!!!

BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
«1

Comments

  • jarjar Provider
    edited January 2013

    If someone doesn't bring me some popcorn right this darn second, I'm going to lose it.

    Also, first.

    MagicSpam blackmails providers into buying their software, and ServerHub is a professional spam organization.

  • AlexBarakovAlexBarakov Member, Provider

    Damn, this is going to hit 200 comments atleast.

    AlphaVPS - Cheap VPS out of London, UK | Sofia, BG | Nuremberg, DE | NYC, US and LA, US. Cheap Dedicated servers with fast delivery!

  • CoreyCorey Member, Provider

    @jarland said: If someone doesn't bring me some popcorn right this darn second, I'm going to lose it.

    Also, first.

    @Alex_LiquidHost said: Damn, this is going to hit 200 comments atleast.

    I opened a ticket with WHMCS before I posted here - awaiting their reply.

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • oh boy

  • what is the link?

  • Is your domain through 1and1?

  • gsrdgrdghdgsrdgrdghd Member
    edited January 2013

    There could be many reasons for this, e.g. @Corey's PC or internet connection being compromised or some misconfiguration

  • CoreyCorey Member, Provider

    @24khost said: Is your domain through 1and1?

    Nope.

    http://www.bitaccel.com/my

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • CoreyCorey Member, Provider

    @gsrdgrdghd said: There could be many reasons for this, e.g. @Corey's PC or internet connection being compromized

    Too bad I'm on debian.

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • jarjar Provider

    Domain is using GoDaddy nameservers, so no chance of funny business from registrar in my opinion.

    MagicSpam blackmails providers into buying their software, and ServerHub is a professional spam organization.

  • Site works fine here

    Check my blog for more cool *nix tips & tricks!

  • Nothing happens when clicking on Login, it just says "Login Details Incorrect. Please try again."

  • Load slow as hell but I'm not redirected.

    Linux noob willing to learn.

  • Works fine for me. I just download a copy the other day and didnt have problems with it.

  • CoreyCorey Member, Provider

    @djvdorp said: Site works fine here

    @Freek said: Load slow as hell but I'm not redirected.

    @gsrdgrdghd said: @Corey said: http://www.bitaccel.com/my

    Nothing happens when clicking on Login, it just says "Login Details Incorrect. Please try again."

    You have to be able to login with credentials.

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • dunno

  • CoreyCorey Member, Provider

    Here are some credentials to try -

    admin
    98rdPZYBdBVtWPQO0AtN

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • doesn't happen to me.

  • CoreyCorey Member, Provider

    @24khost said: doesn't happen to me.

    Did you try my credentials?

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • jarjar Provider
    edited January 2013

    Found the culprit. It's in login.php. Source below:

    HR+cPw65oASFEJ68qcLTX0Felmvq6HJFEfdawTPd

    (trimmed because apparently this pathetic simple line of gibberish causes issues with Chrome on Mac)

    MagicSpam blackmails providers into buying their software, and ServerHub is a professional spam organization.

  • CoreyCorey Member, Provider

    @jarland said: Found the culprit. It's in login.php. Source below:

    HR+cPw65oASFEJ68qcLTX0Felmvq6HJFEfdawTPd+ab3elhoir6WwIGcWMQ5J9T/AblscU3/u8Oc

    TXofwQD0G8+ml+lLg8YdxykTHDFauLODKExr/ZE63ehwuHJ7Di17hePExYS1MyoBnK4DimaYtXC3QKJuQGo52wysE/eqFKpZJi243v9KNaiX0iFriDvKUwOwwh97N1a02KRyGkCChGiU3ZkPwxcoRS+QddvTKhL88GttIUqDmubqaDsDKE3t7BFyoWJKnlS3W9CfDMwtvadjywowFTFC3mJBUMt5bd9MvfLv8bTDrIaurGD81FL0vTWilhytrSWjxI5rDNtqj+L+sY4z95cic+PEMZ/ZFalQ5RM8COFLZSPQkRyQ
    R2ywhDBMBVKmhcbZjp9s4S6YsrtqfKKcWma9jdnNAW8TC+soBcDF427NiOUfguDjj5wnnLp0V7cI
    gG0neVy3nRpT6whf8OHmacDpiBaJcq3cCFWrSB0kEiroi0cftlKPUKiiynx7CeF1E32lDsKDfOpY
    O7B43UQkrWGufTEPFY4PZ8lp539mjvd2tt7ILadOkuVtYfUY7rOa7MChnrljveMcZn5XVGIerWMZ

    Guessing you have an ioncube decoder?

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • jarjar Provider

    @Corey said: Guessing you have an ioncube decoder?

    No I just wanted to see if someone would take me seriously while I inhale this popcorn ;)

    MagicSpam blackmails providers into buying their software, and ServerHub is a professional spam organization.

  • those login details don't work for me

  • hrmmmmm do you have https set?

  • 24khost24khost Member
    edited January 2013

    @Corey To resolve this just change "WHMCS System URL" field at WHMCS -> Setup -> General Settings to your own domain.

  • 24khost24khost Member
    edited January 2013

    do it via phpmyadmin and that should fix it.

  • @24khost you know you can edit your posts, right?

  • CoreyCorey Member, Provider
    edited January 2013

    System URL was set to
    SystemURL http://www.yourdomain.com/whmcs/

    So I'm guessing 1&1 owns yourdomain.com and WHMCS isn't auto setting the System URL - making me think wtf.

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • jarjar Provider
    edited January 2013

    http://forums.knownhost.com/showthread.php?t=3589

    Oh well, guess this drama didn't play out.

    MagicSpam blackmails providers into buying their software, and ServerHub is a professional spam organization.

  • mystery solved; we can all go home now

  • Correct sir. That should fix your issue!

  • CoreyCorey Member, Provider

    @jarland said: http://forums.knownhost.com/showthread.php?t=3589

    Oh well, guess this drama didn't play out.

    Except I was never able to get in to change that setting. I had to change it in SQL.

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • jarjar Provider

    @gubbyte said: mystery solved; we can all go home now

    Selling popcorn....

    MagicSpam blackmails providers into buying their software, and ServerHub is a professional spam organization.

  • google is your friend.

  • @Corey said: Except I was never able to get in to change that setting. I had to change it in SQL.

    During the install..?

  • not sure the other reason.

  • @Corey said: Guessing you have an ioncube decoder?

    i wish i had one.

  • CoreyCorey Member, Provider

    @24khost said: google is your friend.

    I googled the 1&1 affiliate id and it wasn't there.

    @NickO said: During the install..?

    Never saw this window during the install, it directed me to login page where I was redirected to 1&1 with affiliate ID. So apparently whoever owns that domain KNOWS this is happening.

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • Could it be that, whmcs has this demo url "http://www.yourdomain.com/whmcs/" on general settings place and you decided to save the page without editing?

  • Really I think that it should be the ip in until it is set by the owner but that is just my programing thought.

  • CoreyCorey Member, Provider

    @NHRoel said: Could it be that, whmcs has this demo url "http://www.yourdomain.com/whmcs/" on general settings place and you decided to save the page without editing?

    That is the issue - but I honestly didn't see this page that asked about this setting.

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • Disaster averted, eh? Sometimes it's the simplest things :D

  • CoreyCorey Member, Provider

    @Damian said: Disaster averted, eh? Sometimes it's the simplest things :D

    Yes - thanks everyone! :)

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • A big mistery about yourdomaingoeshereblabla.com. They should stop using it at least buy the domain :)

    Instant Linux OpenVZ/Xen & Windows RDP VPS in 17 Locations : UK, USA (CA, TX, FL, GA, NJ states), Mexico, Canada, Bulgaria, Italy, Lithuania, France, Germany, Netherlands, Switzerland, Russia, Singapore | PayPal, Webmoney, Perfect Money, Bitcoin, Payza, Skrill, CashU, Ukash, Neteller
  • Anticlimax.

  • CoreyCorey Member, Provider

    @qhoster said: A big mistery about yourdomaingoeshereblabla.com. They should stop using it at least buy the domain :)

    Yea someone is making sales off of them :)

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • lzplzp Member

    @Corey said: So I'm guessing 1&1 owns yourdomain.com and WHMCS isn't auto setting the System URL - making me think wtf.

    No, some smart guy owns it and is probably making a fortune from it :) WHMCS should have been smart enough to fix that a long time ago (changing it to a different domain, that is).

  • CoreyCorey Member, Provider

    @lzp said: No, some smart guy owns it and is probably making a fortune from it :) WHMCS should have been smart enough to fix that a long time ago (changing it to a different domain, that is).

    They should also auto set the url with the installer so dummies like me don't have to bother with it (make www or non www an option you can choose later).

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • Thanks for the laugh!

    Retired!

  • BK_BK_ Member

    @unused said: Thanks for the laugh!

    ^

Sign In or Register to comment.