The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cpanel Hack? Bypassing limits

Discussion in 'General Discussion' started by lagoth, Sep 30, 2006.

  1. lagoth

    lagoth Member

    Joined:
    Apr 5, 2003
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    151
    It seems i have discovered that users are able to bypass addon domain/ subdomain limits. by removing the subfolders that are created and replacing them with linked dirs. it appears to be on freebsd and dissappear after nightly runs. I have one user that now has way more addons then he is supposed to... Can anyone verify this is the cause?
     
    #1 lagoth, Sep 30, 2006
  2. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    166
    What do you mean by 'linked dirs'?
     
    #2 webignition, Sep 30, 2006
  3. katmai

    katmai Well-Known Member

    Joined:
    Mar 13, 2006
    Messages:
    530
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Brno, Czech Republic
    soft links maybe, but this can only be done by users who have shell access as far as i know ...
     
    #3 katmai, Oct 2, 2006
  4. lagoth

    lagoth Member

    Joined:
    Apr 5, 2003
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    151
    for example

    user: ttest
    domain tttest.com
    can "addon" domains

    he adds yahoo.com

    that creates a subdirectory /yahoo

    he removes
    rm -rf yahoo

    and does this from his public_html folder
    ln -s ./ yahoo/

    bingo he can now addon more domains!:eek:
     
    #4 lagoth, Oct 6, 2006
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,472
    Likes Received:
    20
    Trophy Points:
    463
    Location:
    Go on, have a guess
    If it is a reproducable bug then you should log it as a bug in bugzilla so that cPanel is aware of the issue if you haven't done so already.
     
    #5 chirpy, Oct 7, 2006
(You must log in or sign up to post here.)
Loading...
Similar Threads - Cpanel Hack Bypassing
  1. Svemir

    Cpanel Account Hacked

    Svemir, Feb 15, 2016, in forum: Security
    Replies:
    3
    Views:
    1,137
    cPanelMichael
    Feb 18, 2016
  2. crwilliams

    Cpanel Account Hacked, Or Just The Wp Sites?

    crwilliams, Jul 30, 2015, in forum: Security
    Replies:
    2
    Views:
    787
    cPanelMichael
    Jul 31, 2015
  3. cPanelBenny

    The 2017 cPanel® Conference announces evening events, conference schedule, and extends 50%-off early

    cPanelBenny, Jun 21, 2017 at 4:17 AM, in forum: cPanel Announcements
    Replies:
    0
    Views:
    41
    cPanelBenny
    Jun 21, 2017 at 4:17 AM
  4. Abdi

    Help to get started with cPanel

    Abdi, Jun 19, 2017 at 8:04 PM, in forum: General Discussion
    Replies:
    1
    Views:
    25
    cPanelMichael
    Jun 20, 2017 at 8:48 AM
  5. harkirat20

    SOLVED Cannot connect to cPanel Ports open

    harkirat20, Jun 19, 2017 at 9:09 AM, in forum: Bind / DNS / Nameserver Issues
    Replies:
    2
    Views:
    34
    harkirat20
    Jun 19, 2017 at 9:40 PM

Share This Page