• You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

    Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

Perfex - Powerful Open Source CRM By MSTdev

Perfex - Powerful Open Source CRM By MSTdev v3.1.6

No permission to download
Overview Updates (34) Reviews (39) History Discussion
Babak updated Perfex - Powerful Open Source CRM with a new update entry:

Perfex CRM v2.8.2

Download Perfex v2.8.2 - Powerful Open Source CRM Nulled Free
v2.8.2 March 18, 2021
  • Added ability to add an assignee to task checklist item.
  • Added ability to hide/show completed task checklist items.
  • Improvements in staff delete data transfer.
  • Fixed timesheets overview report.
  • Fixed project discussion new comment.
  • Fixed incorrect ticket attachment in ticket public view.
Click to expand...

Read the rest of this update entry...
 
  • Love
  • Like
Reactions: robsong, JRGWxRxZ, Maxpayneinfo and 2 others
@Babak

Please recheck this as it has a backdoor. Its in the SURVEYS Module that comes default with the script.
It will generate a file called k.php That will run php scripts at will.
EG This isnt the correct version of this file. It is altered. modules/surveys/vendor/phpoffice/phpspreadsheet/.phpcs.xml.dist
/vendor/markbaker/matrix/infection.json.dist

Also creates a makefile.php. Wiped out 1 of our servers yesterday. I narrowed it down to that as this script was all that was on it.

KevDev was one of the handles.
 
Last edited:
  • Wow
Reactions: DonJose
RainMaker said:
@Babak

Please recheck this as it has a backdoor. Its in the SURVEYS Module that comes default with the script.
It will generate a file called k.php That will run php scripts at will.
EG This isnt the correct version of this file. It is altered. modules/surveys/vendor/phpoffice/phpspreadsheet/.phpcs.xml.dist
/vendor/markbaker/matrix/infection.json.dist

Also creates a makefile.php. Wiped out 1 of our servers yesterday. I narrowed it down to that as this script was all that was on it.

KevDev was one of the handles.
Click to expand...

Dangerous
 
RainMaker said:
@Babak

Please recheck this as it has a backdoor. Its in the SURVEYS Module that comes default with the script.
It will generate a file called k.php That will run php scripts at will.
EG This isnt the correct version of this file. It is altered. modules/surveys/vendor/phpoffice/phpspreadsheet/.phpcs.xml.dist
/vendor/markbaker/matrix/infection.json.dist

Also creates a makefile.php. Wiped out 1 of our servers yesterday. I narrowed it down to that as this script was all that was on it.

KevDev was one of the handles.
Click to expand...
Any update on how to remove the backdoor?
 
RainMaker said:
@Babak

Please recheck this as it has a backdoor. Its in the SURVEYS Module that comes default with the script.
It will generate a file called k.php That will run php scripts at will.
EG This isnt the correct version of this file. It is altered. modules/surveys/vendor/phpoffice/phpspreadsheet/.phpcs.xml.dist
/vendor/markbaker/matrix/infection.json.dist

Also creates a makefile.php. Wiped out 1 of our servers yesterday. I narrowed it down to that as this script was all that was on it.

KevDev was one of the handles.
Click to expand...

The surveys, backup, goals, theme_style & menu_setup are premodules and served by Perfex with every update...doesnt matter if they r updated or not.
I rechecked all premodules from 2.4.4 on. Is it possible that u dont update the modules folder ?
Last dev update in the survey module was on 2.8.1 and before it was 2.5.1 !

The provided versions 2.8.1 and 2.8.2 r clean !

Otherwise, is it possible that ur structure was open in any way so someone could add malicious files ? Just a thought.
Sorry what happened to your server.
 
  • Like
Reactions: jauza
No those files are in the file downloaded from Babiato. I actually just deleted the ENTIRE [SURVEYS] folder and it doesn't happen anymore. Was using like 75% of my server before I found / deleted the trigger files - it and then he [the hacker] wiped it entirely out in response.. Again be careful with that. I am not complaining [as I fixed the issue] I am just giving a heads up. It had absolutely nothing do with that @Efacid but all good. Its a sleeper. You can see the code in the downloaded files. [SURVEYS] folder. This obv isnt the dev as no dev would wipe out an entire server in response to that. And it was actually triggered after we loaded a bunch of leads - like 1000+ from an excel sheet. I saw in the server records. [DevMike] was the handle.

We reinstalled all - deleted that folder for now - and all works PERFECT with no more issues [even after upload] ;)
 
Last edited:
  • Like
Reactions: DonJose
RainMaker said:
No those files are in the file downloaded from Babiato. I actually just deleted the ENTIRE [SURVEYS] folder and it doesn't happen anymore. Was using like 75% of my server before I found / deleted the trigger files - it and then he [the hacker] wiped it entirely out in response.. Again be careful with that. I am not complaining [as I fixed the issue] I am just giving a heads up. It had absolutely nothing do with that @Efacid but all good. Its a sleeper. You can see the code in the downloaded files. [SURVEYS] folder. This obv isnt the dev as no dev would wipe out an entire server in response to that. And it was actually triggered after we loaded a bunch of leads - like 1000+ from an excel sheet. I saw in the server records. [DevMike] was the handle.

We reinstalled all - deleted that folder for now - and all works PERFECT with no more issues [even after upload] ;)
Click to expand...

I was used old version and i deleted to all files because installing for new version but i have doubt now. What should i do?
 
RainMaker said:
No those files are in the file downloaded from Babiato. I actually just deleted the ENTIRE [SURVEYS] folder and it doesn't happen anymore. Was using like 75% of my server before I found / deleted the trigger files - it and then he [the hacker] wiped it entirely out in response.. Again be careful with that. I am not complaining [as I fixed the issue] I am just giving a heads up. It had absolutely nothing do with that @Efacid but all good. Its a sleeper. You can see the code in the downloaded files. [SURVEYS] folder. This obv isnt the dev as no dev would wipe out an entire server in response to that. And it was actually triggered after we loaded a bunch of leads - like 1000+ from an excel sheet. I saw in the server records. [DevMike] was the handle.

We reinstalled all - deleted that folder for now - and all works PERFECT with no more issues [even after upload] ;)
Click to expand...
Can u suggest if this script can be used as it is? Will it create issues?
 
I am using it just NOT with the SURVEYS folder. If you look in that folder there are a few files mentioned above that if you translate from base64 youll see what he [whoever it is] is doing.
 
We just actually bought Perfex - to get that back [surveys main mod] - and that added code is not there.

;)
 
  • Like
Reactions: xgod
RainMaker said:
@Babak

Please recheck this as it has a backdoor. Its in the SURVEYS Module that comes default with the script.
It will generate a file called k.php That will run php scripts at will.
EG This isnt the correct version of this file. It is altered. modules/surveys/vendor/phpoffice/phpspreadsheet/.phpcs.xml.dist
/vendor/markbaker/matrix/infection.json.dist

Also creates a makefile.php. Wiped out 1 of our servers yesterday. I narrowed it down to that as this script was all that was on it.

KevDev was one of the handles.
Click to expand...
what :D? i downloaded directly from codecanyon bro
i can show u proof u want
 
  • Like
Reactions: solbadguyky
You must log in or register to reply here.

Similar threads

uasport
Perfect SaaS - Powerful Multi-Tenancy Module for Perfex CRM
Replies
3
Views
491
PHP Scripts
arkobd
A
ersonusaini
PerfShield - The powerful security toolset for Perfex CRM
Replies
6
Views
753
PHP Scripts
hadesbay
H
ersonusaini
  • Locked
PerfShield - The powerful security toolset for Perfex CRM
Replies
3
Views
908
PHP Scripts
ersonusaini
ersonusaini
K
Perfex CRM SaaS Module - Transform Your Perfex CRM into a Powerful Multi-Tenancy Solution
Replies
169
Views
17K
PHP Scripts
fabioyeff
fabioyeff
nguyenduchoai
Flexible Lead Scoring and Lead Rating Module for Perfex
Replies
1
Views
77
PHP Scripts
Babak
Babak

Latest posts

Forum statistics

Threads
79,568
Messages
1,145,442
Members
250,313
Latest member
rotary4521

Share this page

Share this page
Top Bottom
Back
AdBlock Detected

We get it, advertisements are annoying!

However in order to keep our huge array of resources free of charge we need to generate income from ads so to use the site you will need to turn off your adblocker.

If you'd like to have an ad free experience you can become a Babiato Lover by donating as little as $5 per month. Click on the Donate menu tab for more info.

I've Disabled AdBlock