Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


WHMCS Hacked - Page 15
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

WHMCS Hacked

1121315171824

Comments

  • LOLOLOL,

    The wiki is showing the hacked by annon shit.

  • sshVMsshVM Member
    edited May 2012

    Looks like many Shell scripts has been dropped in first hack. Don't know why he needs Cpanel. It is not so difficult to configure/manage server without any panel. He should first get rid of panel and run his forum, blog, main websites in separate Ubuntu or Debian servers.

    Thanked by 1djvdorp
  • @Jack said: Just did a licensedebug forceremote for you seems to got a response so you're license should be active again now @Corey

    I have disabled licensedebug for now on my install.

    Thanked by 1klikli
  • @Jack said: That's a completely different "Hacker".

    HostGator probably gave out his password again.

  • SpencerSpencer Member

    I present to you: http://www.haswhmcsbeenhackedtoday.com/

    Thanks to joepie91 for the domain idea :p

    Thanked by 1djvdorp
  • Oh No!

    Brilliant idea though, you should send it to the WHMCS developers so at least they know when their site is hacked.

  • SpencerSpencer Member

    @Daniel said: Oh No!

    Brilliant idea though, you should send it to the WHMCS developers so at least they know when their site is hacked.

    Website use to work! Now it is pointing to the park page ugh

  • subigosubigo Member

    @PytoHost said: I present to you: http://www.haswhmcsbeenhackedtoday.com/

    Thanks to joepie91 for the domain idea :p

    lol... If WHMCS ever goes a day without getting hacked again, you should put a "IT HAS BEEN XX DAYS SINCE THE LAST WHMCS HACK" image up.

  • SpencerSpencer Member
    edited May 2012

    @subigo said: lol... If WHMCS ever goes a day without getting hacked again, you should put a "IT HAS BEEN XX DAYS SINCE THE LAST WHMCS HACK" image up.

    HAHA good idea. Is the website loading for you or is just a parked page?

    -Edit-
    Its back now, must of been DNS caching issue

  • @PytoHost said: HAHA good idea. Is the website loading for you or is just a parked page?

    -Edit-

    Its back now, must of been DNS caching issue

    Yep, its loading here.

  • laaevlaaev Member

    Wow, they are still hosting with HostGator even after all this. The members area and main site is on HostGator still.

  • rds100rds100 Member

    I don't think it was hostgator's fault after this. Hostgator followed their established procedures.

  • HerrMaulwurfHerrMaulwurf Member
    edited May 2012

    The attacker knew he security questions and answers. The first attack is definately not Hostgator's fault. Don't know what happend during the second attack.

    And I'm not a Hostgator fanboy, I don't have any services with them.

  • @Jack said: @TheHackBox said: What shady IRC networks are you on?

    . #lowendbox on irc.freenode.net

    Woah i miss IRCing :S Is that channel worth a look?

  • OliverOliver Member, Host Rep

    @gsrdgrdghd said: Woah i miss IRCing :S Is that channel worth a look?

    Definitely not!

  • joepie91joepie91 Member, Patron Provider

    @HerrMaulwurf said: The attacker knew he security questions and answers. The first attack is definately not Hostgator's fault.

    A little verification call from Hostgators side after a password change for a customer the size of WHMCS, wouldn't have been unreasonable.

    Thanked by 1klikli
  • @Oliver said: Definitely not!

    lol ok then :D

  • klikliklikli Member

    $ host www.whmcs.com
    www.whmcs.com is an alias for whmcs.com.
    whmcs.com has address 50.116.115.104

    $ host forum.whmcs.com
    forum.whmcs.com has address 207.58.161.149

    $ host blog.whmcs.com
    blog.whmcs.com has address 207.58.161.149

    It sounds that blog. and forum. has now been moved to somewhere in Servint.

  • ElliotJElliotJ Member

    @rds100 said: I don't think it was hostgator's fault after this. Hostgator followed their established procedures.

    In that case, their procedures simply weren't robust enough in this situation. :/

  • rds100rds100 Member

    @ElliotJ i guess the same is true for most providers offering "live chat support". That's why i don't understand why people want to use live chat - it is insecure and open to such problems. It is not that hard to login to your client are and submit a ticket...

  • 1q11q1 Member

    no luck trying to decrypt the blobs :/

  • @1q1 said: no luck trying to decrypt the blobs :/

    http://pastebin.com/FrHk9391

    Thanked by 1djvdorp
  • 1q11q1 Member
    edited May 2012

    no luck trying to decrypt the blobs :/

    @gsrdgrdghd said: http://pastebin.com/FrHk9391
    Thank you
    My bad noobness, still don't know where are my faults :/

  • 1q11q1 Member
    edited May 2012

    Now i know why it was not working. UG has changed the issuenumber blobs. lol!

  • RandyRandy Member

    lol, WHY Didnt the FBI take that cock sucker down, GearSec already released the Hacker's details

  • jarjar Patron Provider, Top Host, Veteran

    @Randy My guess is weekend and compiling the evidence. GearSec did a good thing there, but they aren't a legal authority. He'll be going down very soon.

  • RandyRandy Member
    edited May 2012

    they actiually got hold of his address , i think the hacker is not that stupid to put his address in public in the whois record right? LOL. its not a weekend? what are you talking about?

Sign In or Register to comment.