[AusNOG] whmcs.com - hacked
Daniel O'Connor
doconnor at gsoft.com.au
Tue May 22 12:24:35 EST 2012
On 22/05/2012, at 10:06, Mark Newton wrote:
> On Tue, May 22, 2012 at 10:32:59AM +1000, Joseph Goldman wrote:
>> But of course, all your other information such as tickets and billing
>> information should be on the lookout to change, change all your
>> important passwords especially if for some reason you supplied it in a
>> ticket to WHMCS or anything of that nature.
>
> I wouldn't put too much faith in the claim that client passwords
> are okay because they're hashed either. A bit of rainbow table
> analysis would yield a decent proportion of passwords pretty quickly.
Surely they're salted SHA256 or PBKDF2?
No? Bueller? Bueller?
--
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
-- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
More information about the AusNOG
mailing list