Extracting Credit Card data from Ubersmith

So we recently purchased a number of companies who use Ubersmith as their billing system.

As I’ve mentioned before, we use WHMCS.  Ubersmith weren’t overly helpful with extracting our customers’ credit card data, so I had to spend some time playing about with ubersmith.  As it turned out, it wasn’t hard at all to pull credit card data out.  Most of my required code was in re-encrypting it to store it back into the database with a encryption format so we can pull it out with our standard merge scripts to import into our WHMCS install.

First we want a table to store the data in.

I then placed the below script in the ubersmith web root.  And popped a copy of lib_crypt.php (from https://sourceforge.net/projects/warp-cms/files/smart-framework/ library) into the parent directory – just so it wasn’t polluting the ubersmith install.

After this, it was a simple matter of running “php extractcards.php ubsermith.panel.url.here”, and all cards were saved into the whmcs_merge_carddata table, ready for our merge scripts.

 

Inner Range (CLOE) Port ‘0’ Cable Pinout

So we have an Inner Range alarm system at my work.. It’s a great system, but like most alarm vendors, the manufacturer thinks tight lips is a good policy.

Yeah, no.

$99 for a ‘port 0’ cable to program the alarm boards is a huge rip-off, so I sat down before work this morning and figured out how to talk to them.  It’s just TTL RS232.

On the CLOE devices, there’s a 5-pin header.  Pinout is as follows:

1  GND
2 UNKNOWN
3 RXD
4 TXD
5 UNKNOWN

Honestly, I don’t care what the unknowns are, probably flow control?  however wiring GND, RXD and TXD to a USB->TTL RS232 adapter (With the appropriate swapping of RXD/TXD betwee ends), I’m happily talking to this device at 115,200, so I’m happy and can now program it without finding the $90 cable that’s gone missing :-p

 

 

Extending the WHMCS API and Fetching Invoice PDF’s

At work, we’re currently doing a FULL rebuild of our customer portal.  Part of the requirements of the system are that our staff must only be logging into one place.  At present they have to be logged into the portal AND WHMCS.  So in v2, we have to basically rebuild 90% of the WHMCS admin interface into our portal, and use the WHMCS API for manipulating data stored in WHMCS.  (We’re also adding a MongoDB caching layer for read access, and then using hooks in WHMCS to update the cache whenever data is modified).

We found a few ‘holes’ (read: missing functionality) in the WHMCS API, so had to see about adding an API to sit alongside WHMCS.  We did ask WHMCS how to go about writing custom API functions to use within the WHMCS API framework, but they came back saying this was not possible.  A fair bit of Googling around, and I managed to find a blog post detailing how to write custom API functions for WHMCS.  With a bit of work, we now have a nice basis for writing WHMCS API modules.  The first one I built for testing was for pulling Invoice PDF’s, which is not currently available in the WHMCS API.

And Voila, a simple WHMCS call such as:

Returned Variables

Then it’s a simple matter to go base64_decode($jsondata->pdf) (assuming you used json format and had done a json_decode() on the returned data…), and you have the binary data for the PDF, ready to save to disk, or pass back out to the user via HTTP.

 

Installing dig on a Centos Linux Server with Yum

Installing dig on a CentOS server is pretty easy, using yum.   Dig is part of the bind utils package, so you will want to install bind-utils.

Basically

Installation will look something like the following:

And you’re now ready to use dig!

 

 

Creating RRD files in PHP

I was looking for a way to store (and graph) data for all of our physical servers.  Now sure, we could install SNMP on every machine and just use MRTG, but as a lot of them are leased by clients, I wanted something out of band which will ‘just work’.  We have a very nice IMPI based system which we use for provisioning every server on the network.  That seemed like a good way to go!  Pulling all the fun info via IPMI is really easy:

That gives us quite a useful amount of info!  Though for our purposes, we’ll ignore everything except the first three columns.

Handling that in PHP, we do something like the following:

Then we need to think about the RRD’s.  We need to check if we HAVE one, if so we put the data in.  Or we generate a new RRD and put the data in.

What we’re doing above is creating the datastore, and creating Round Robin Archives for Min, Max, and Average. Storing a sample every 5 minutes for 24 hours (288 samples), a sample every hour for 7 days, and a sample every day for a year.

Now we need to store our data.  That’s the easy part!

And we’re now storing data.  Note the use of the shell_exec.  At least in PHP5.4 on Ubuntu, rrd_update and rrd_graph do not work.

But that’s not much fun if we can’t display the graphs when we need them!

I could write them out to file and then include them from static HTML etc.  But I’d rather have it all dynamically generated.  I have a php file which generates the HTML table referencing the graphs:

And then the actual graphing script:

And now it’s working very nicely indeed!

 

 

WHMCS Password Encryption and Decryption

So at my work, we just bought out a couple of other hosting companies, and needed to bring all their customer data from WHMCS into our WHMCS install.

We figured ‘no problems, WHMCS has a merge tool’.   Yeah, that didn’t work at all!

So.  We sat down and wrote one!

Where things almost came unstuck, was transferring passwords.  WHMCS stores all manner of passwords – customer passwords, hosting account passwords, even server passwords.  For that matter, they also store credit card details.  And they’re all stored Encrypted!

After discovering this helpful class, and mucking about for a few hours working out how they use the hash, I was ready to go! Using it is a breeze.  You just need your cc_encryption_hash from your WHMCS configuration.php, and off you go.

If you were to run this code, it would display ‘MyPassword’.

So in my case, transferring between two WHMCS installations, I use a code block like the following:

Assuming you had the encrypted password from the old system in $oldpass, you will now have the password for the new system in $newpass.

Hopefully this helps someone! Google was no help at all for re-encrypting the password!

 

Quick Tip: Get the UUID for a Disk or Partition

I was just quickly running up a small linux server to use as a backup server at a remote site, and added a new disk to an existing install.

Since it’s at a remote site, I don’t want the chance of it barfing on boot, so I definitely want to specify my partition by UUID.

The UUID is used to identify a device, independently from its device name. Especially useful when mounting physical disks, it’s also useful for LVM volumes, etc.

There are a few ways to get the UUID, but by far the easiest is to simply do an ls -l in /dev/disk/by-uuid.

In my case, I’m pointing at a LVM Logical Volume, so I can take a guess that I’m looking for dm-0, but to be sure, I want to check in /dev/mapper:

Yep, so to mount that new volume in fstab, I want to add a line like the following:

 

Initial setup for Avaya 1608 IP Phones on an IP Office 500

So we’ve filled the Avaya IP Office IP500 at our management office.  At other offices, we just buy a DS16 or DS30, depending on site.  But at this office, we run a VOIP trunk, so have a VCM32, and only use up to 10 channels on that.

As we discovered, the VCM32 comes with 12 IP Endpoint Licenses. – with means we can run 12 IP Phones!

Well, that makes much more monetary sense, than installing a DS16. – 1608’s are only 20 bucks or so more expensive than the 1408’s we usually use!

So we ordered a couple of play with, and hit two snags.

1) They’re expecting you to use a POE enabled Switch.  Which we probably will, once we have a few of these phones.  But for now? No, it’s not financially viable!   So we ordered Power Supplies, at $11 a pop.

2) I thought maybe the phones would be smart enough to grab an IP from DHCP, then do a broadcast to find the IP Office box.  C’mon Damien, this is Avaya, it’s not that smart!.

Instead, I had the phone boot, get an IP, and then sit there saying ‘No FileSv Address’.   So a bit of searching around, and I found this thread.  A few minutes later, I’d added a new DHCP option to the LAN segment on our pfSense firewall, and voila, it was working!

The magic Option?

Option 242, Text “PCIPADD=192.168.40.221,MCPORT=1719,HTTPSRVR=192.168.40.221”.

Of course, you’d use the IP address of your own IP500 unit, ours won’t work 😉