even using the security patch this does not stop the attempts and the support ticket messages

in cpanel you can use account level filtering to setup rules with a fail message or with a block message
a common example that is going around (in my case) is

so just setup the settings like this

then users who send that above code in a email to your ticket system (or any other email to your account ) will get the above reply

you can add extra rules to so the above rule only apply to abuse department or other emails

here is a example email that get sended back with the above rule

Well, this is the most scary thing that any hosting provider will ever have to face. Well, I also got such messages a few days back that was encoded with base64 and when I decoded the code that was a scary attacking code :-s.

Well, I contacted the WHMCS support team and they told me that as I have the latest script installed that have already patched for such attacks.

So, I advise you to contact with WHMCS team to get some guideline

Further, to make secure you WHMCS you should take proper security steps.

Good Luck.

as long as you have the latest WHMCS security patch as given in the WHMCS forum then you are safe from the attachs, this will not however stop them trying and submitting tickets, so follow my above steps to block the messages from ther attackers and then follow the further security steps by WHMCS http://docs.whmcs.com/Further_Security_Steps

Well guys that base64 exploit was recently found in whmcs and is already fixed there is no need to protect it by changing anthing

yes the patch will stop the attacks from getting into your whmcs installation.

but ask any WHMCS staff then they will al advise you to follow these http://docs.whmcs.com/Further_Security_Steps as an extra security measure as yes the base64 has been sorted but i can guarantee their will other exploits being created to try the same thing. this is how things are as fixing this exploit will not stop IDIOTS trying other ways.

the account level filtering process will bounce back and block all emails/tickets these IDIOTS try and send, saving hosts the time in manually removing these

We had already made the necessary precautionary measures before contacting to WHMCS support team.

But, thanks for your advice

WHMCS posted a security advisory back at the beginning of Dec. It is difficult to say where the hole might be but checking for the most recent security updates on a regular basis can prevent problems in many many systems. It is easy to overlook basic preventative maintenance but overall it is worth the time and effort to prevent in the beginning rather than to try to fix and pinpoint the matter after the fact.

yes and for those like me who are registered with WHMCS got a email about this and patched straight away. but if you get your licence from a reseller then you would not be privvy to the email from WHMCS so would not be aware of this and would rely on your reseller to get this info and patch your installation or give you the patch to do it yourself.
so it is a good idea even if you dont get a licence from WHMCS to register with them and also register on their forum

beware they will try to hack by support ticket if you use old version better you upgrade to v5.0.2

the latest version is v5.0.3

they will still try in this version, but will fail if you have the patch installed
follow my Post #16 above and this will block these tickets as you will still get the tickets even though the exploit will fail

But in V5.0.3 they can't hack you by support ticket WHMCS already update the software

if you download a fresh copy now then no as the security patch was added to the software, but it you installed 5.0.2 and then just the update when it come out and have not installed the security patch then yes it can be hacked.

even with the security patch installed you will still receive the tickets with the base64 code even though they cant hack into the system

Make sure you are using secure passwords