PHP and Website Security ProjectX

ProjectX WHMCS Exploit Tool

Local File Disclosure

We decided to stop the project, “WHMCS LFD Exploiter” and decided to make a modification out of it in PHP. The function is still the same because it still gets the db_username and the db_password but what has been changed is that it is user friendly and allows the user to change and the payload.

WHCMS Exploit Tool
Pawning a Carting Site

Here is the full script:

Payloads that may come in handy:


For more information about this exploit check my previous article about it.