Perfex - Powerful Open Source CRM By MSTdev

Perfex - Powerful Open Source CRM By MSTdev v3.2.1


tanierlyons

Tomz updated Perfex - Powerful Open Source CRM with a new update entry:

Perfex CRM v2.8.2

Download Perfex v2.8.2 - Powerful Open Source CRM Nulled Free
v2.8.2 March 18, 2021

  • Added ability to add an assignee to task checklist item.
  • Added ability to hide/show completed task checklist items.
  • Improvements in staff delete data transfer.
  • Fixed timesheets overview report.
  • Fixed project discussion new comment.
  • Fixed incorrect ticket attachment in ticket public view.

 

RainMaker

@Tomz

Please recheck this as it has a backdoor. It's in the SURVEYS module that comes default with the script.
It will generate a file called k.php that will run PHP scripts at will.
E.g. this isn't the correct version of this file. It is altered: modules/surveys/vendor/phpoffice/phpspreadsheet/.phpcs.xml.dist
/vendor/markbaker/matrix/infection.json.dist

Also creates a makefile.php. Wiped out 1 of our servers yesterday. I narrowed it down to that as this script was all that was on it.

KevDev was one of the handles.
 

pcintav

Dangerous
 

yodabosten

Any update on how to remove the backdoor?
 

Efacid

The surveys, backup, goals, theme_style & menu_setup are premodules and served by Perfex with every update... doesn't matter if they r updated or not.
I rechecked all premodules from 2.4.4 on. Is it possible that u don't update the modules folder?
Last dev update in the survey module was on 2.8.1 and before it was 2.5.1!

The provided versions 2.8.1 and 2.8.2 r clean!

Otherwise, is it possible that ur structure was open in any way so someone could add malicious files? Just a thought.
Sorry what happened to your server.
 

RainMaker

No, those files are in the file downloaded from Babiato. I actually just deleted the ENTIRE [SURVEYS] folder and it doesn't happen anymore. Was using like 75% of my server before I found / deleted the trigger files - it and then he [the hacker] wiped it entirely out in response. Again be careful with that. I am not complaining [as I fixed the issue] I am just giving a heads up. It had absolutely nothing to do with that @Efacid but all good. It's a sleeper. You can see the code in the downloaded files. [SURVEYS] folder. This obv isn't the dev as no dev would wipe out an entire server in response to that. And it was actually triggered after we loaded a bunch of leads - like 1000+ from an Excel sheet. I saw in the server records. [DevMike] was the handle.

We reinstalled all - deleted that folder for now - and all works PERFECT with no more issues [even after upload] ;)
 

guguk

I was using an old version and I deleted all files because I am installing the new version, but I have doubts now. What should I do?
 

babidodo

Can u suggest if this script can be used as it is? Will it create issues?
 

RainMaker

I am using it just NOT with the SURVEYS folder. If you look in that folder there are a few files mentioned above that if you translate from base64 you'll see what he [whoever it is] is doing.
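
A defender-side check for the indicators described in this thread, added here as an example (not code from any poster or from Perfex): it walks an unpacked package, flags the reported file names k.php and makefile.php, and decodes long base64 runs found inside config-style files such as .phpcs.xml.dist. The suffix list, the 80-character threshold, the marker strings and the sample tree are assumptions constructed for illustration.

```python
import base64, re, tempfile
from pathlib import Path

DROPPED_NAMES = {"k.php", "makefile.php"}     # file names reported in the thread
DATA_SUFFIXES = (".dist", ".xml", ".json")    # assumed: data files that should hold no PHP
B64_RUN = re.compile(rb"[A-Za-z0-9+/]{80,}")  # assumed threshold for a "long" base64 run
CODE_MARKERS = (b"<?php", b"eval(", b"base64_decode", b"file_put_contents")

def decoded_markers(blob):
    """Decode each long base64 run in blob and return the code markers found inside."""
    hits = set()
    for run in B64_RUN.findall(blob):
        try:
            plain = base64.b64decode(run + b"=" * (-len(run) % 4))
        except ValueError:  # the run was not valid base64 after all
            continue
        hits.update(m.decode() for m in CODE_MARKERS if m in plain)
    return hits

def scan_tree(root):
    """Return sorted (relative_path, reason) findings for an unpacked package."""
    findings = []
    for path in (p for p in Path(root).rglob("*") if p.is_file()):
        rel, name = path.relative_to(root).as_posix(), path.name.lower()
        if name in DROPPED_NAMES:
            findings.append((rel, "dropped-file name"))
        if name.endswith(DATA_SUFFIXES):
            for marker in sorted(decoded_markers(path.read_bytes())):
                findings.append((rel, "base64 hides " + marker))
    return sorted(findings)

def build_sample(root):  # constructed tree: tampered config, clean config, dropped file
    inert = b"<?php /* constructed placeholder standing in for the hidden code */ echo 'marker';"
    files = {
        "modules/surveys/vendor/phpoffice/phpspreadsheet/.phpcs.xml.dist":
            b"<ruleset>\n<!-- " + base64.b64encode(inert) + b" -->\n</ruleset>\n",
        "modules/surveys/composer.json": b'{"name": "constructed/clean"}\n',
        "modules/surveys/k.php": b"",
    }
    for rel, data in files.items():
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(*scan_tree(tmp), sep="\n")
```

A hit only says a file deserves a manual look; comparing the package against the vendor's original copy, file by file, is the stronger check.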
 

RainMaker

We just actually bought Perfex - to get that back [surveys main mod] - and that added code is not there.

;)
 

tanierlyons

what :D? i downloaded directly from codecanyon bro
i can show u proof u want
 