WHMCS Exploit attacks.

Status
Not open for further replies.

dotvps

Banned
Banned
349
2011
40
0
Hi,


These IPs are the ones trying to exploit my WHMCS i'd thought i'd let the other hosts on WJ know the IPs.

Maybe some of the mods can check if any of these are members?

IP : 77.30.43.31

IP : 66.85.140.26

IP : 62.150.216.181

IP : 2.91.43.150

IP : 82.102.207.72

IP : 212.118.143.42

IP : 77.30.229.74
 
21 comments
IP : 77.30.43.31
- Saudi

IP : 66.85.140.26
-United States

IP : 62.150.216.181
-Kuwait

IP : 2.91.43.150
-Saudi

IP : 82.102.207.72
-Palestine

IP : 212.118.143.42
-Saudi

IP : 77.30.229.74
-Saudi

someones protecting them selves with server ips/bots

unless if these ppl are ffrom saudi they will most likely take ur site down :/
u know what i mean do not argue with my mind @ state ATM..
 
Last edited:
Here is the IP that tried on mine

79.141.163.5

[mod] found a match...please pm me proof ~Mindy [/mod]
 
Last edited by a moderator:
you should post it...we dont mind checking

I already posted a few IPs, robert found out the member and banned him. He's unbanned now from some crazy unknown reason, what's the point then?

EDIT: And post where I posted it is deleted together with the whole thread. No idea why, it was a LEGIT thread.
 
I really dont know any of those details - or why the person was unbanned. But if you pm me next time I'll definitely check them out.
 
Hate to be an ass but to staff just be careful in doing this. WJ has since it's start not got involved with outside hacking attempts and it's always being against posting details of people both members and non members such as real names, addresses, links to facebook profiles or IP addresses without the persons permission. Admins have stated several times it's not WJ's job to police the Internet. It's only in extreme cases where members are banned for reasons not relating directly to WJ and when their is absolute certainty the person is responsible for the incident. eg boxhead about a year ago.

I could easily modify a screenshot of IP logs to show the IP of someone I wanted details of, PM it to you and get their username and possibly even get them banned. I'd advise to not get involved as you could accidently cause serious problems for an innocent member. I'm also pretty sure it's in the terms and conditions/privacy policy of registering on WJ, as it is on most sites, that info will not be passed onto third parties unless their's a court order or similar forcing them to do so.

Personal details are an extremely sensitive area and shouldn't be handed out or posted except in extreme circumstances.
 
All good points and I'll leave it to the green mods or admins to decide what to do - I do think that IP's shouldn't really be posted here, but pm'd instead if we are going to check them.

I dont think that protecting our members is policing the internet though. We don't allow people to do other things (like sell scripts that are the property of others) that are cheating or abusive so banning hackers on WJ seems reasonable.
 
Instead of finding out who the attacker is I believe we should be more focused on securing our servers.

I couldn't agree more. :)

I don't really care if he's banned or not, it doesn't really make any difference to me. YOUR security is YOUR responsibility. If you don't take it seriously you will get hacked, it's always been like this. In some cases it's good, it puts noobs out of the industry and leaves space to the real providers who have a clue about security and servers.
 
Instead of finding out who the attacker is I believe we should be more focused on securing our servers.
Obviously but I want to know I can trust WJ with my details.
I dont think that protecting our members is policing the internet though. We don't allow people to do other things (like sell scripts that are the property of others) that are cheating or abusive so banning hackers on WJ seems reasonable.
Ya but selling scripts they don't have the rights to or abusing members directly affects WJ. Their are potential legal issues directly affecting WJ in both cases (DCMA or racism charges etc). If QuickSand were to hack a website I owned it wouldn't have any direct legal connection to WJ unless by some weird situation he gained access to my WJ account and I had the server login details in a PM. It's exactly the same way WJ doesn't ban members for transactions that happen outside WJ. If the transaction happened as a result of a sales thread then WJ does get involved.
All good points and I'll leave it to the green mods or admins to decide what to do - I do think that IP's shouldn't really be posted here, but pm'd instead if we are going to check them.
I'd be extremely worried if you started handing out IP's or other details over PM to other members and I'd suggest an immediate halt to this if any staff are involved in this as it still breaks the privacy policy.

Privacy and personal details on a site like WJ are incredibly important due to the nature of things being discussed. We all hear about the privacy issues sites like Facebook, Google, etc. and they aren't even about such serious issues as uploading and distributing illegal content.
Look at all the anger their was when Hotfile were ordered to hand over IP's of uploaders by the court and your just handing them out free without a court order via PM?

These are extremely sensitive details and should be treated so.
 
Last edited:
I'd be extremely worried if you started handing out IP's or other details over PM to other members and I'd suggest an immediate halt to this if any staff are involved in this as it still breaks the privacy policy.
We aren't handing out IP's to anyone MrHappy....i'm not sure how you got that from what I said.
 
I couldn't agree more. :)

I don't really care if he's banned or not, it doesn't really make any difference to me. YOUR security is YOUR responsibility. If you don't take it seriously you will get hacked, it's always been like this. In some cases it's good, it puts noobs out of the industry and leaves space to the real providers who have a clue about security and servers.

Well you're right.

But if its something wrong in WHMCS they should take action against this.

But they have released some patch's already.

Regards
 
i had similar attack ,woke up a morning to find 109 ips banned by whmcs for illegal login atatempt ,simply restricted admin access to only one static ip of mine, two days back some hacker again created a client account and created a suppport ticket with php code in subject line some 800 characters long which didnt helped him to hack my site.whmcs guys say i am safer as long as i use latest version but truth is i am really worried :(
 
created fake admin pages, so who ever tried for hacking admin area is mailed to me(with username, password, and ip) so i ban their ip in this way only.........

i don't know any other ways to ban, and don't know how to check whether they're hacking or not...

but banned most spam bots ip:



Note:
i checked these ip's with awstats ip list, half are spam bots, so banned most, but still they're trying to do some with another ip's.........


So we need security section to discuss about exploits, protecting sites from hacking and experience of webmaster(it's important) , because now a days tons of hacking and others are going on......


I mostly get banned ip list from this[they have api, but i don't know how to use :( ]:

Homepage: http://www.Blocklist.de
List : http://www.blocklist.de/en/export.html
Typ: all

Last change: T05:00:16 +0100 (CET)
Counts: 33909
Description: All listed IP-Addresses, who attacks one of our Customer/Server in the last 48 Hours.
Download: http://www.blocklist.de/lists/all.txt
 
Status
Not open for further replies.
Back
Top