Back Door into Root WHM

[marinanewman]

had a reseller call me admitting he was able to get into the root WHM using his username and password...

Is there anyway to close this door.

http://serveripaddress:2086/command

 

[jimcarter]

as he was using his username and password, and not root as the username he was probably just mistakenly given root access in reseller privileges,
if you login as root to your server, then edit the reseller privileges for his user, just uncheck the box marked all features,
hope this helps
thanks

 

[marinanewman]

he does not have root privileges, and does not have all features checked... and his normal whm does not have all the features he named off to me on the telephone..

maybe just a fluke... will keep an eye on it...

 

[Website Rob]

Holy nightmare Batman, almost had me going there.

http://serveripaddress:2086/command/

Ooops! I lost your webpage [./command/] and I don't know where it went!!??!!
Please forgive me


http://serveripaddress:2086/command

You get the left-hand navigation frame of Cpanel 3. Although some links do not work and it's much more limited than version 5, you still need to have &root& access or SSH permission.


Have a look in: Account Functions & Manage Shell Access, to see if the Client is listed. Must be some logical reason why they got in, but I know not what.

 

[marinanewman]

no shell access... no root privileges.. hoping it was just a fluke..