Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Cpanel Hack? Bypassing limits

Discussion in 'General Discussion' started by lagoth, Sep 30, 2006.

  1. lagoth

    lagoth Member

    Joined:
    Apr 5, 2003
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    151
    It seems i have discovered that users are able to bypass addon domain/ subdomain limits. by removing the subfolders that are created and replacing them with linked dirs. it appears to be on freebsd and dissappear after nightly runs. I have one user that now has way more addons then he is supposed to... Can anyone verify this is the cause?
     
    #1 lagoth, Sep 30, 2006
  2. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    166
    What do you mean by 'linked dirs'?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 webignition, Sep 30, 2006
  3. katmai

    katmai Well-Known Member

    Joined:
    Mar 13, 2006
    Messages:
    537
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Brno, Czech Republic
    soft links maybe, but this can only be done by users who have shell access as far as i know ...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 katmai, Oct 2, 2006
  4. lagoth

    lagoth Member

    Joined:
    Apr 5, 2003
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    151
    for example

    user: ttest
    domain tttest.com
    can "addon" domains

    he adds yahoo.com

    that creates a subdirectory /yahoo

    he removes
    rm -rf yahoo

    and does this from his public_html folder
    ln -s ./ yahoo/

    bingo he can now addon more domains!:eek:
     
    #4 lagoth, Oct 6, 2006
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    22
    Trophy Points:
    463
    Location:
    Go on, have a guess
    If it is a reproducable bug then you should log it as a bug in bugzilla so that cPanel is aware of the issue if you haven't done so already.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #5 chirpy, Oct 7, 2006
(You must log in or sign up to post here.)
Loading...
Similar Threads - Cpanel Hack Bypassing
  1. zodiac9797

    cPanel e-mail forwarders hack

    zodiac9797, Apr 12, 2018, in forum: Security
    Replies:
    7
    Views:
    1,051
    cPanelLauren
    Nov 20, 2018
  2. RIkaweb

    New Thread migirate to EA_4 error “Cpanel::Easy::Apache::Ident” ignored since it does not have an RPM

    RIkaweb, Dec 12, 2018 at 10:53 AM, in forum: EasyApache
    Replies:
    0
    Views:
    8
    RIkaweb
    Dec 12, 2018 at 10:53 AM
  3. rccaj

    New Thread Log in to cPanel through CURL

    rccaj, Dec 12, 2018 at 4:50 AM, in forum: cPanel Developers
    Replies:
    0
    Views:
    53
    rccaj
    Dec 12, 2018 at 4:50 AM
  4. rpvw

    In Progress [CPANEL-24366] phpMyAdmin version 4.8.4

    rpvw, Dec 11, 2018 at 9:11 AM, in forum: Security
    Replies:
    1
    Views:
    105
    cPanelMichael
    Dec 11, 2018 at 9:58 AM
  5. Tanner_W

    In Progress [CPANEL-24418] Update KAM.cf to latest version

    Tanner_W, Dec 9, 2018 at 2:31 AM, in forum: E-mail Discussion
    Replies:
    3
    Views:
    258
    cPanelMichael
    Dec 12, 2018 at 12:45 PM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice