amuck-landowner

Is WHMCS next to be exploited?

MartinD

Retired Staff
Verified Provider
Retired Staff
First, I have no part in this with you.

Secondly, Curtis G and I* are releasing zero-day* vulnerability* for HostBill* and WHMCS* in 2 days on Friday at noon *

Thirdly, if you keep including me in your bullshit, I will be calling the police.
Are you for real?

You're going to call the police?

Actual. Fucking. LOL.
 

JDiggity

New Member
MannDude can we ban johnny and his ip?  He is a worthless pile.  Steals his moms credit card,  I am not sure he is even supposed to be on websites related to this type of information.
 

johnnyd95

New Member
First, I have no part in this with you.


Secondly, Curtis G and I* are releasing zero-day* vulnerability* for HostBill* and WHMCS* in 2 days on Friday at noon *


Thirdly, if you keep including me in your bullshit, I will be calling the police.
Stop denying your part of it, we had this planed out for months. You gain trust from the community, then hack RamNode allowing them to blame robert, then release 0day exploit attacking CVPS, then according to our plan I join, and we tell everybody whats to come.
 

MartinD

Retired Staff
Verified Provider
Retired Staff
MannDude can we ban johnny and his ip?  He is a worthless pile.  Steals his moms credit card,  I am not sure he is even supposed to be on websites related to this type of information.
Let's see what happens. They appear to be as bad as each other. Some timeout for both might be around the corner.
 

AnthonySmith

New Member
Verified Provider
Said it once and I will say it again, this sort of crap should come with a minimum 2 year jail term, if you break in to an insecure door on a store and then make it impossible for the store to operate you will go to jail and be paying back damages for the best part of your life, just because you can sit behind a computer and destroy lives and business does not make things any less real.

The world needs to sack up and do something to serious deter this sort of thing, I used to be all about respecting privacy on the internet but when so many people are out to hurt others for nothing more than bragging rights it is just playing straight in to the hands of those that would seek to take away privacy on line.and frankly they would have my vote if it stopped the majority of this BS.
 

Reece-DM

New Member
Verified Provider
How does posting a SS of the source code prove there an vuln in it?

Anybody can decode WHMCS jesus there is  numerous copies scattered about the internet over the years.

Please stop this stupidity.
 

AnthonySmith

New Member
Verified Provider
@AnthonySmith Can we go back to the old days and just string them up?
I think we just need a bounty site.

Example of how it works:

Ramnode got hacked so they post all logs and information , links and background and net loss including man hours spent etc.

Then people contribute in a kick starter style, the higher the price the more interest in finding the responsible person and the person that is directly responsible for providing the information that leads to the punishment through law or the ass kicking of a life time (injury must be permanent e.g. smash knee caps, fingers taken) gets 50% of the money and the other 50% goes to the victim but only on either the on line posting of the ass kicking or the confirmed arrest.

Seems fair to me and as much as that may sound funny I would absolutely back it 100%
 
Last edited by a moderator:

jarland

The ocean is digital
Yeah, that skid is me and Curtis G if you havent figured it out by now.
I really appreciate you guys shutting down my business for a week. Me and Ryan both out of town, myself on very bad Internet and no cell signal. Don can only be expected to stay awake so much. This was an unusual week as I work one job out of town every year and Ryan went to hostingcon. Regardless, you two are the cause of much stress, suffering, and financial loss this week. Our clients are as safe as we can make them (Internet, "safe" is a relative term), can't say the same for our physical and mental well being right now.

I hope you're both real proud. I just want you to know that I really appreciate the fact that this week I'm audio engineer, videographer, and I have to play sys admin at night now so I'm literally getting sick from lack of sleep. Much appreciated. Wish you'd picked another week.


There are people on the other side of that screen you know.
 
Last edited by a moderator:

netnub

New Member
:popcorn:

From LEB:

g0T5fVs.png

z0e.png
 

HalfEatenPie

The Irrational One
Retired Staff
Don can only be expected to stay awake so much.

Red Bull gives you wings!

Also might be why I was on this forum so much during the last couple of days, 4-5 hours a nightish sleep (semi-uneasy sleep really, waking up every once in a while to check), no DRINKING (maybe a beer or two here but no "drinking" drinking).  And IRC.  And Skype.  We did prepare for it though!  

HalfEatenPie with no alcohol is like...  Earth with no water.  
 
Last edited by a moderator:

Flapadar

Member
Verified Provider
I don't think whoever posted that on LEB knows what XSS is. Causing the hostbill login to run a script in your own browser isn't exactly an accomplishment. 

If it can run in someone else's, sure; good game. Pat yourself on the back. Doesn't look like it though. 
 
Last edited by a moderator:

nunim

VPS Junkie
Why aren't these people banned from VPSB?  I didn't think we were a skid friendly community.   Both hostbill and WHMCS unencrypted sources are available from a variety of sites, if you have an exploit and you're going to cause "lolz" then go for it and shut the fuck up about it already.
 
Last edited by a moderator:
Top
amuck-landowner