• You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

    Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

hack whmcs v7

Is it possible that there is another malicious script on the host? Or are the same files that Antivarvel found on my host only active scripts?
 
I see this code in the .htaccess file. Is this code public code or malicious code?
Code: 
# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php74” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
 
Is it normal or unusual for these files to start with a dot?
How to search and delete all these types of files that start with a dot? file.jpg
 
I found a file in the host called adminer.php, the execution of which gives us the username and password information to visit, and he can easily change it.
The question is, how did he manage to upload this file to our hosts?
The desired file is found in the directory of one of the WordPress plugins. But can we upload the effects of that file to everyone on the host? See the directories?
How could he
 
  • Sad
Reactions: d3v1l
saadatidust said:
I found a file in the host called adminer.php, the execution of which gives us the username and password information to visit, and he can easily change it.
The question is, how did he manage to upload this file to our hosts?
The desired file is found in the directory of one of the WordPress plugins. But can we upload the effects of that file to everyone on the host? See the directories?
How could he
Click to expand...
Just do one thing update whmcs to latest version.
 
We have a large web hosting company, We can migrate all of your websites for free also we will secure your whmcs installation 100% , We are in this industry since 2004
 
If you are using WordPress in same account, might be first WordPress got compromised and then from that they got into WHMCS. If you are using both WordPress and WHMCS in same account, you need to check both for any malicious files. I suggest using WHMCS in a subdomain with separate account.

WordPress is easy to get compromised (compared to WHMCS). When hacker got into your account from WordPress, they can see all files including WHMCS, they can access to WHMCS DB using details from configuration file and do whatever they want.
 
You must log in or register to reply here.

Similar threads

999jh
Payment Gateway Charges For WHMCS - Not Null
Replies
0
Views
69
WHMCS Modules
999jh
999jh
afreena
Support Verification PIN For WHMCS
Replies
2
Views
152
WHMCS Modules
afreena
afreena
afreena
Binance Pay For WHMCS
Replies
0
Views
102
WHMCS Modules
afreena
afreena
afreena
WHMCS Nulled - Null any plugins themes yourself.
Replies
41
Views
2K
WHMCS Modules
amitkumargarg
A
AldmeriDominion
Shamsi date converter WHMCS module
Replies
2
Views
146
WHMCS Modules
afreena
afreena

Latest posts

Forum statistics

Threads
79,527
Messages
1,144,354
Members
249,626
Latest member
kumba00

Share this page

Share this page
Top Bottom
Back
AdBlock Detected

We get it, advertisements are annoying!

However in order to keep our huge array of resources free of charge we need to generate income from ads so to use the site you will need to turn off your adblocker.

If you'd like to have an ad free experience you can become a Babiato Lover by donating as little as $5 per month. Click on the Donate menu tab for more info.

I've Disabled AdBlock