WHMCS Exploit (New for 10/5/2012)

[handsonhosting]

A new WHMCS Security Alert has been issued today. It has to do with a gateway module called "Boleto". It is advised to change the permissions on the /modules/gateways/boleto/ folder or remove the folder if you don't need that module.


http://forum.whmcs.com/showthread.php?60646-WHMCS-Security-Alert

 

[fliphost]

It appears that WHMCS is becoming a steady target for hackers these days.

 

[rds100]

It is a good idea to just delete / chmod 000 any modules which you are not using. Not just for payment gateways but also for registrars, etc.

 

[agentblack]

Thanks for the heads up HandsOn! Always glad to see others looking out for each other.

 

[HostLeet]

I got the notification from WHMCS about it this morning as well. Thanks for sharing.

 

[handsonhosting]

Yeah WHMCS was a little late with their emails. They had a posting on twitter and it was nearly 10 hours later that I received the email saying that there was an exploit. Always good to follow them on twitter!

As for them becoming a regular target - that's what happens when you're good. They've had their issues in the past, but it's still one of the best web hosting billing/support system out there.

I'll also second the statement from rds100 about removing modules - this should be true in any software package. People like to include various modules in software packages, but really, just remove anything you're not using, and if it's hard coded into a system, remove the code for faster speeds.

 

[Kolten]

Yeah they tell you to delete the folder is your best bet from your directory.