Hi guys. Today I will be showing how to hack a WHMCS via symlinking, so let's get started.
Big thanks to HeXagone for helping me. :)
Things you will need:
1) Shelled website
2) Tool I will post at the end of the tutorial
3) Putty
4) Symlink script
5) MySQL manager
What is WHMCS?
Code:
“WHMCS is an all-in-one client management, billing & support solution for online businesses. Handling everything from signup to termination, WHMCS is a powerful business automation tool that puts you firmly in control”
That is easy. Check your kernel. Usually it will be like:
Code:
Linux ns1.hosting.com x.x.xx-xxx.xx.x.xxx #1 SMP xxx xxx x xx:xx:xx EST 2012 x86_64
If your kernel has something like "ns1.hosting.com" in it, that means WHMCS is installed on that site.
So go to hosting.com and you will probably find it. Or you can Google dork it:
Code:
site:hosting.com inurl:/admin/login.php "WHMCS"
Chapter II - Exploiting
First off we need to find our hosting's path. So do
Code:
cat /etc/passwd
or just view the /etc/passwd file to find all the users on the hosting. Once you have done that, save it to a .txt file somewhere.
In my example I got lucky and found the path easily. (There was WordPress installed, so I viewed wp-content/plugins/akismet/legacy.php, which gave me the full path.)
And the WHMCS path is /hosting/, so my goal file is configuration.php, located in
Code:
/home/user/public_html/hosting/configuration.php
Okay, now make a new folder in your shell.
We will now try to access the file mentioned above.
Next thing I want to do is to enter the folder and upload the script (located at the end of this tutorial).
In that box enter the path and the file you want:
Code:
/home/user/public_html/hosting/configuration.php
Press go and you now get something like this:
Press on symlink and it will open a new page. Notice how the site is blank. That means it worked. Right click -> View source and our target's database will be there.
Chapter III - Getting access to the WHMCS
Now that you managed to get configuration info from the site, you need to connect to the MySQL database and create a new administrator.
Open our mysql.php script (provided at the end of the tutorial) and enter the credentials (username and password).
When you are logged in to the main database, click "Tables". NOTE: You can press "Dump" to save all info in the database!
You got a list now. Good. Find tbladmins and click "Data".
From there you can edit/add admin users. As you can see, I added a new user so I can access it later.
Now I log in with the new user I created.
Now I have a tool for these cases.
WARNING!: I didn't check for backdoors. So check it for yourself since I'm too lazy.
There you can manage cPanels, dump them, view CC info and the rest of the BH ****. :)
OPTIONAL:
In the PHP tool click on "FTP and SMTP password" (or Host Roots). Try the password for root in Putty.
(It worked for me, but they changed the passwords ;( )
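
From the hosting operator's side, the symlink read in Chapter II leaves two things an audit can find: a link inside one account's web root that resolves into another account's home, and a configuration.php that other local users can read. The Python audit below is an added example, not part of the original post; the account names alice and bob, the function names and the sample directory layout are constructed assumptions.

```python
import os
import stat
import tempfile

def audit_web_root(web_root, account_home):
    """Report symlinks under web_root that resolve outside account_home.

    Each finding is (link, resolved_target, target_readable_by_others).
    """
    home = os.path.realpath(account_home)
    findings = []
    # followlinks=False: list symlinks but never descend through them.
    for dirpath, dirnames, filenames in os.walk(web_root, followlinks=False):
        for name in dirnames + filenames:
            link = os.path.join(dirpath, name)
            if not os.path.islink(link):
                continue
            target = os.path.realpath(link)
            if os.path.commonpath([home, target]) == home:
                continue  # stays inside the account, e.g. a release symlink
            try:
                exposed = bool(os.stat(target).st_mode & stat.S_IROTH)
            except OSError:
                exposed = False  # dangling link or inaccessible target
            findings.append((link, target, exposed))
    return sorted(findings)

def build_constructed_hosting(base):
    """Constructed sample layout: two accounts on one shared host."""
    alice = os.path.join(base, "home", "alice")
    bob_cfg_dir = os.path.join(base, "home", "bob", "public_html", "hosting")
    os.makedirs(os.path.join(alice, "public_html", "sym"))
    os.makedirs(os.path.join(alice, "public_html", "releases", "v2"))
    os.makedirs(bob_cfg_dir)
    cfg = os.path.join(bob_cfg_dir, "configuration.php")
    with open(cfg, "w") as fh:
        fh.write("<?php /* constructed placeholder */ ?>\n")
    os.chmod(cfg, 0o644)  # weak setting: readable by every local account
    os.symlink(cfg, os.path.join(alice, "public_html", "sym", "x.txt"))
    os.symlink(os.path.join(alice, "public_html", "releases", "v2"),
               os.path.join(alice, "public_html", "current"))
    return alice, cfg

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        alice, cfg = build_constructed_hosting(base)
        for link, target, exposed in audit_web_root(
                os.path.join(alice, "public_html"), alice):
            print(link, "->", target, "world-readable" if exposed else "")
```

On Apache shared hosting the matching preventive settings are `SymLinksIfOwnerMatch` in place of `FollowSymLinks` for user content, and application config files kept at mode 0600 with PHP running as the owning account.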