alan2013 Posted June 14, 2013 Share Posted June 14, 2013 I need to add "postback URL's to the Approval and Denial Post URLs" to the ccbill admin. But how do i find out what my postaback url's are? Quote Link to comment Share on other sites More sharing options...
httptunnel Posted January 14, 2016 Share Posted January 14, 2016 After watching a customer downloading stuff without any money hitting ccbill (he got greedy and started downloading more and more or I would not have noticed), I finally took the time to dissect the Logs to figure out exactly what he was doing. I have figured out the exploit and can now repeat over and over. It has to do with "checkout_process.php" but exploit requires 1 successful purchase before you can use that info to steal the rest of the digital downloads. Luckily, it is just ONE guy and I am tracking him constantly now. He will soon tire of having to get a new IP (I lock him out via iptables) AND having to make a new account each time now. I don't want to spell out the exploit or mention the site because I don't want to have to deal with 10 guys doing this :( I haven't tested this with other payment modules because I only use ccbill. I would like to contact and work with the Author of the Module OR some other expert to get this fixed eventually. You can contact me at httptunnel at gmail if you are the Author or equivalent. Let's fix this !! Don't just contact me to ask exploit details for download fun. Thanks Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.