{"id":47,"date":"2016-10-27T15:00:24","date_gmt":"2016-10-27T05:00:24","guid":{"rendered":"http:\/\/thewanderingsysadmin.net\/?p=47"},"modified":"2016-10-27T15:00:24","modified_gmt":"2016-10-27T05:00:24","slug":"extracting-credit-card-data-from-ubersmith","status":"publish","type":"post","link":"https:\/\/thewanderingsysadmin.net\/?p=47","title":{"rendered":"Extracting Credit Card data from Ubersmith"},"content":{"rendered":"

So we recently purchased a number of companies who use Ubersmith as their billing system.<\/p>\n

As I’ve mentioned before, we use WHMCS. \u00a0Ubersmith weren’t overly helpful with extracting our customers’ credit card data, so I had to spend some time playing about with ubersmith. \u00a0As it turned out, it wasn’t hard at all to pull credit card data out. \u00a0Most of my required code was in re-encrypting it to store it back into the database with a encryption format so we can pull it out with our standard merge scripts to import into our WHMCS install.<\/p>\n

First we want a table to store the data in.<\/p>\n

create table whmcs_merge_carddata (\r\n  billing_info_id INTEGER NOT NULL,\r\n  cc_num          VARCHAR(64),\r\n  cc_cvv2         VARCHAR(64),\r\n  cc_issuenr      VARCHAR(64)\r\n);<\/pre>\n
I then placed the below script in the ubersmith web root. \u00a0And popped a copy of lib_crypt.php (from\u00a0https:\/\/sourceforge.net\/projects\/warp-cms\/files\/smart-framework\/ library) into the parent directory – just so it wasn’t polluting the ubersmith install.<\/p>\n
<?PHP\r\n$_SERVER['SERVER_NAME'] = $_SERVER['argv'][1];\r\nrequire_once( 'incs.php' );\r\nrequire_once('..\/lib_crypt.php');\r\n\r\n\/\/ This is a temporary hash to be used by our import routine later\r\n$new_cc_encryption_hash='ApPTRYWQCF4LqMvYObfENwlaVd4VzBeZQUJyJwfb29NiM97qbcVOy6Ok9J6zbbpR';\r\n$he_key2 = md5 (md5 ($new_cc_encryption_hash)) . md5 ($new_cc_encryption_hash);\r\n$he_new = new hash_encryption($he_key2);\r\n\r\nclass ExtractCard extends sb_ccbackend {\r\n public function getRaw($id) {\r\n return parent::_get_raw($id);\r\n }\r\n}\r\n\r\n$backend = new ExtractCard();\r\n$result = $_SESSION['DB']->query(\"select i.billing_info_id, c.class_id, i.cc_num from billing_info i JOIN CLIENT c ON c.clientid=i.clientid where c.active=1 and i.payment_type='cc'\");\r\n$results = [];\r\nwhile (($row = $result->fetchRow())) {\r\n$results[] = $row;\r\n}\r\n\r\nforeach ($results as $row) {\r\n $card = $backend->getRaw($row['billing_info_id']);\r\n $sql = \"INSERT INTO whmcs_merge_carddata (billing_info_id, cc_num, cc_cvv2, cc_issuenr) values (?, ?, ?, ?)\";\r\n \/\/ Encrypt the values with our temporary hash\r\n $qargs = array(\r\n $row['billing_info_id'],\r\n $he_new->encrypt($card[0].$row['cc_num']),\r\n $he_new->encrypt($card[1]),\r\n $he_new->encrypt($card[2])\r\n );\r\n $result2 = $_SESSION['DB']->query($sql, $qargs);\r\n echo \"Inserting record \".$row['billing_info_id'].\"\\n\";\r\n \r\n}\r\n?>\r\n<\/pre>\n
After this, it was a simple matter of running “php extractcards.php ubsermith.panel.url.here”, and all cards were saved into the whmcs_merge_carddata table, ready for our merge scripts.<\/p>\n","protected":false},"excerpt":{"rendered":"
So we recently purchased a number of companies who use Ubersmith as their billing system. As I’ve mentioned before, we use WHMCS. \u00a0Ubersmith weren’t overly helpful with extracting our customers’ credit card data, so I had to spend some time playing about with ubersmith. \u00a0As it turned out, it wasn’t hard at all to pull […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[12,1,14],"tags":[],"class_list":["post-47","post","type-post","status-publish","format-standard","hentry","category-php","category-uncategorized","category-whmcs"],"_links":{"self":[{"href":"https:\/\/thewanderingsysadmin.net\/index.php?rest_route=\/wp\/v2\/posts\/47"}],"collection":[{"href":"https:\/\/thewanderingsysadmin.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/thewanderingsysadmin.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/thewanderingsysadmin.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/thewanderingsysadmin.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=47"}],"version-history":[{"count":3,"href":"https:\/\/thewanderingsysadmin.net\/index.php?rest_route=\/wp\/v2\/posts\/47\/revisions"}],"predecessor-version":[{"id":51,"href":"https:\/\/thewanderingsysadmin.net\/index.php?rest_route=\/wp\/v2\/posts\/47\/revisions\/51"}],"wp:attachment":[{"href":"https:\/\/thewanderingsysadmin.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=47"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/thewanderingsysadmin.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=47"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/thewanderingsysadmin.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=47"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}