28May/111
cPanel < 11.25 CSRF – upload shell CRSF
Tweet
Nice news:
cPanel versions below and excluding 11.25 , are vulnerable to CSRF which
leads to uploading a PHP script of the attackers liking. If you have turned
off security tokens and referrer security check, no matter what version you
are using, you are vulnerable as well.
Proof of concept (PoC)
[cc lang="html"]
[/cc]
Afterwards simply check for ninjashell.php in the directory.
Author: You can always email me ninjashellmail a|t gmail |c|om or follow me on twitter
@ninjashell1337
Disclaimer
Categories
- android (1)
- antivirus (1)
- backup (1)
- backup exec (2)
- bruteforce (6)
- conference (2)
- CRSF (2)
- DirectAdmin (1)
- DoS (11)
- enumeration (2)
- Fără categorie (2)
- flash (2)
- Fuzzer (2)
- games (1)
- hacking (116)
- how-to (32)
- Information gathering (2)
- lfi (3)
- linux (27)
- mobile (1)
- ms exchange (2)
- News (2)
- Phishing (1)
- php (1)
- rdp (1)
- rfi (5)
- rootkit (1)
- scripts (33)
- seo (1)
- sniff (3)
- social engineering (2)
- source code (33)
- sqli (16)
- ssh (2)
- symantec (3)
- tools (73)
- tutorials (20)
- tutorials (1)
- Uncategorized (7)
- vranger (1)
- windows (12)
- wireless (1)
- wsus (1)
- xpath (1)
- xsrf (1)
- xss (12)
Tags
backup
backup exec
bruteforce
debian
directadmin
DoS
download
exploit
hack
hacking
how-to
install
install windows 7
lfi
linux
pentest
perl
php
poc
python
rfi
scanner
script
scripts
secure code
Security
security scanner
share
shell
social engineering
source code
sqli
SQL injection
sqli scanners
ssh
tool
tools
tutorial
upload shell
vbulletin
Web Application Scanner
windows
windows 7 usb
wordpress
xss
August 17th, 2011 - 08:02
Hello sir.
Nice to meet you sir i want to know how to upload shell into cpanel and how to hack cpanel +shell help me sir Thanks
Best regard