[ASK] Perubahan data di WHMCS yg mencurigakan

Discussion in 'Web Hosting' started by Bestariweb Studio, 8 Apr 2014.

Thread Status:
Not open for further replies.
  1. Bestariweb Studio

    Bestariweb Studio Apprentice 1.0

    Messages:
    264
    Likes Received:
    15
    Trophy Points:
    18
    Selamat sore mastah semua,
    Sore ini ana dapet email registrasi client di WHMCS. Beberapa menit kemudian ada email lagi tentang perubahan data client, dengan isi email seperti ini:

    Client ID: Stan Evans has requested to change his/her details as indicated below:

    First Name: 'Stan' to 'AES_ENCRYPT(1,1), firstname= (SELECT GROUP_CONCAT(id,0x3a,username,0x3a,email,0x3a,password SEPARATOR 0x2c20) FROM tbladmins)'
    Last Name: 'Evans' to '1'
    Company Name: 'Bayz96' to '1'
    Address 1: 'PO box 494' to '1'
    Address 2: 'PO box 494' to '1'
    City: 'LAKE ARROWHEAD' to '1'
    State: 'Florida' to '1'
    Postcode: '92352' to '1'
    Phone Number: '9092925028' to '1'
    Default Payment Method: '' to ''

    Versi WHMCS saya 5.2.15

    apakah client ini bermaksud meng-hack ? Untuk alasan keamanan, saya sudah Delete client tersebut.

    Mohon pencerahannya
     
  2. ngalam

    ngalam Apprentice 1.0

    Messages:
    285
    Likes Received:
    5
    Trophy Points:
    18
    Sepertinya sedang mencoba inject Pak, banned saja langsung untuk lebih amannya.
     
  3. dhyhost

    dhyhost Hosting Guru Web Hosting

    Messages:
    3,950
    Likes Received:
    615
    Trophy Points:
    113
    3-4 bulan yang lalu sering dapat perubahan seperti itu, tapi sekarang sudah tidak ada
    itu si user mau coba injek
     
  4. ceo.ahlul

    ceo.ahlul Expert 1.0 Web Hosting (Company)

    Messages:
    622
    Likes Received:
    255
    Trophy Points:
    63
  5. Axiadata

    Axiadata Poster 2.0

    Messages:
    162
    Likes Received:
    25
    Trophy Points:
    28
    upgrade ke 5.3 aja mas bro. dulu pas saya masih pake versi 5.2 sering dpt kaya gitu. itu langsung delete aja akun si klien
     
  6. el_makong

    el_makong Hosting Guru

    Messages:
    1,105
    Likes Received:
    102
    Trophy Points:
    63
    delete akun...kalo mau lebih aman, paling tinggal limit changes dari general settings...tapi kekurangannya, pas user mau ganti data2, musti kontak admin dulu..
     
  7. junior riau

    junior riau Hosting Guru Web Hosting

    Messages:
    3,237
    Likes Received:
    515
    Trophy Points:
    113
    wah, kalau saya di hantam dari submit ticket, doi submit code php shell
     
  8. pedagang

    pedagang Expert 1.0

    Messages:
    674
    Likes Received:
    109
    Trophy Points:
    43
    berpengaruh apa nggak ya, kalau security optimize pada "php.ini" misalnya dg
    cgi.fix_pathinfo = 0

    # BTW, repot juga bisnis hosting, perlu siap skill juga :D belajar dulu ah
     
  9. junior riau

    junior riau Hosting Guru Web Hosting

    Messages:
    3,237
    Likes Received:
    515
    Trophy Points:
    113
    sangat repot, hihi kudu update mulu
     
  10. Bestariweb Studio

    Bestariweb Studio Apprentice 1.0

    Messages:
    264
    Likes Received:
    15
    Trophy Points:
    18
    Makasih semuanya...
    Akun dah saya delete..
    WHMCS dah upgrade ke 5.3.5
    IP dah saya BAN
    alhamdulillah blm terjadi apa-apa
     
Loading...
Thread Status:
Not open for further replies.

Share This Page

Loading...