Anyone been having this in tickets lately?
Had multiple tickets with this... anyone else had/seen this before? Is there a WHMCS exploit going around?
Comments
header('Location: tubgirl.com');
exit();
Francisco
http://www.base64decode.org/
I had a few of these at my installation a few weeks back, just add a spam control filter to block them.
The exploit doesn't work if your WHMCS is up to date.
So if my ticket says {php} will get blocked lol
Why would a client ever email you with "{php}evaL(base64_decode..."? Chances are it's going to be spam.
Yes I know, just is funny :P
If you actually read more of the paste, you would have seen that the OP already did that.
oh yaa sorry
Yea, we had one of those a couple weeks back.
I have a hook in place that compares the IP that submitted the attempted exploit against recent client login records. It's always amusing to hear the stories of "I wasn't trying to do anything bad" :P
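A sketch of the two measures mentioned in the comments above (filtering tickets that carry `{php}eval(base64_decode...` and matching the submitting IP against recent client logins), as an added example that is not code from this thread or from WHMCS. It assumes ticket and login records have been exported as plain dictionaries; the field names, IP addresses, client ids and payload are constructed for illustration.

```python
import base64
import re
from datetime import datetime, timedelta

# Smarty {php} tag, and eval(base64_decode('...')) in any letter case or spacing.
PHP_TAG = re.compile(r"\{\s*php\s*\}", re.I)
EVAL_B64 = re.compile(
    r"eval\s*\(\s*base64_decode\s*\(\s*['\"]([A-Za-z0-9+/=\s]+)['\"]", re.I)

def inspect_ticket(body):
    """Return (suspicious, decoded). The payload is decoded for review, never run."""
    match = EVAL_B64.search(body)
    decoded = None
    if match:
        try:
            decoded = base64.b64decode(match.group(1)).decode("utf-8", "replace")
        except ValueError:  # malformed base64 is still flagged, just not decoded
            pass
    return bool(match or PHP_TAG.search(body)), decoded

def clients_behind_ip(ip, when, logins, window=timedelta(days=30)):
    """Client ids that logged in from `ip` in the `window` before the ticket."""
    return sorted({rec["client_id"] for rec in logins
                   if rec["ip"] == ip and timedelta(0) <= when - rec["time"] <= window})

def triage(tickets, logins):
    """List flagged tickets with the decoded payload and matching client ids."""
    report = []
    for t in tickets:
        suspicious, decoded = inspect_ticket(t["body"])
        if suspicious:
            report.append({"ticket": t["id"], "ip": t["ip"], "decoded": decoded,
                           "clients": clients_behind_ip(t["ip"], t["time"], logins)})
    return report

# Constructed sample data (documentation IP ranges, harmless payload).
PAYLOAD = base64.b64encode(b"echo 'constructed test payload';").decode()
TICKETS = [
    {"id": 1, "ip": "203.0.113.7", "time": datetime(2012, 3, 1, 12, 0),
     "body": "{php}evaL(base64_decode('" + PAYLOAD + "'));{/php}"},
    {"id": 2, "ip": "198.51.100.4", "time": datetime(2012, 3, 1, 13, 0),
     "body": "My VPS is down, can you reboot it please?"},
]
LOGINS = [
    {"client_id": 42, "ip": "203.0.113.7", "time": datetime(2012, 2, 27, 9, 30)},
    {"client_id": 17, "ip": "198.51.100.4", "time": datetime(2012, 2, 28, 8, 0)},
]

if __name__ == "__main__":
    for row in triage(TICKETS, LOGINS):
        print(row)
```

A shared or NAT IP can match several clients, so the result is a lead for review rather than proof of who sent the ticket.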
There is talk of a 0day exploit that gives you a free VPS on Xen without paying. Affects all Xen systems.
via WHMCS?
Ehhhh seems suspicious. Because I doubt this new fantastic 0day will work with solus, HyperVM, VirtPanel, Virtuozzo etc. Just no way one 0day will work with all the modules.
It should be from WHMCS. These guys are selling the exploit at 500 dollars.
So basically you get free VPS for $500?
Haha yeah I don't see the point really why you'd want to pay so much.
The free VPS thing is not real.
500 / Number of Xen VPS hosts, let's say, 1000.
1000 * 1000 emails/minute for... a couple hours, before it's noticed
0.00001% buy the crap advertised at $10 -> 1200 * 10 = $12000 every two hours.
Multiply that a few days.
???
Profit!
$500 for all of that, not bad.
I see how that can be (ab)used if there is such an exploit, I was just pointing out that 500/n != 0, even if n->∞
Didn't consider spamming :P never come across that problem
People who buy that crap shouldn't be allowed on the internet.
Well but lim n->∞ (500/n) = 0 ;-)
Also if you find the bug & write the exploit yourself you won't have to pay the 500$ :P
We are receiving about 1 or 2 tickets a week with this content.
It's an exploit for a vulnerability in WHMCS which was fixed during a WHMCS update in December 2011. If you're running an up-to-date version of WHMCS, you can simply delete these tickets.
@Dotvps, your hook fixed it!
@Everyone else, it was just a bit annoying.. over 100 tickets with this in. eh.
jeez =\