Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Found Script That Can Open other User home directory

Discussion in 'Security' started by hrace009, Oct 13, 2016.

  1. hrace009

    hrace009 Well-Known Member

    Joined:
    Dec 24, 2013
    Messages:
    75
    Likes Received:
    10
    Trophy Points:
    8
    Location:
    Root
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Today i found someone upload a script that can open other user home directory.
    the script like this:

    - Removed -

    I tried to run this script at pay shared hosting, seems it block it and only show black screen.
    But when i try to run it at my server, the script is open, and show all entire home directory, and it can get Wordpress config file.
    How i can prevent a script like this to be running on my server?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 hrace009, Oct 13, 2016
    Last edited by a moderator: Oct 14, 2016
  2. hrace009

    hrace009 Well-Known Member

    Joined:
    Dec 24, 2013
    Messages:
    75
    Likes Received:
    10
    Trophy Points:
    8
    Location:
    Root
    cPanel Access Level:
    Root Administrator
    Twitter:
    Bellow i attached some screen for cPanel team to investigate it:
    - Removed -

    This script can open your main root directory /
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 hrace009, Oct 14, 2016
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,311
    Likes Received:
    393
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    No need to post the script or screenshots, these sorts of scripts have been around forever.

    You might consider this script by ConfigServer for assistance with preventing this sort of thing from being uploaded to your server:
    ConfigServer eXploit Scanner (cxs)

    There are others as well.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 Infopro, Oct 14, 2016
  4. hrace009

    hrace009 Well-Known Member

    Joined:
    Dec 24, 2013
    Messages:
    75
    Likes Received:
    10
    Trophy Points:
    8
    Location:
    Root
    cPanel Access Level:
    Root Administrator
    Twitter:
    Okay, thanks for your information, is there other alternative than cxs that comes for free?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 hrace009, Oct 14, 2016
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,311
    Likes Received:
    393
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Yes, but I don't have any additional links to share, I swear by this one. Worth every penny.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #5 Infopro, Oct 14, 2016
  6. hrace009

    hrace009 Well-Known Member

    Joined:
    Dec 24, 2013
    Messages:
    75
    Likes Received:
    10
    Trophy Points:
    8
    Location:
    Root
    cPanel Access Level:
    Root Administrator
    Twitter:
    yes i know it worth, but this with my office, throw out money was easy by them, but to take it out, need time, around 1 month or a year. Well you know that was Office Administration. And meanwhile i can't wait for that long.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 hrace009, Oct 14, 2016
  7. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,311
    Likes Received:
    393
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #7 Infopro, Oct 14, 2016
  8. hrace009

    hrace009 Well-Known Member

    Joined:
    Dec 24, 2013
    Messages:
    75
    Likes Received:
    10
    Trophy Points:
    8
    Location:
    Root
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi thanks, i have use and configure it. but seems not work for that script. since when i try to run that script, it keep open
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #8 hrace009, Oct 14, 2016
  9. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,311
    Likes Received:
    393
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    First, remove that script from your server, stop running it. Those scripts phone home. Second, change your passwords. No telling what you've already sent by running the script (read: opened it on your server). Third, find the 60 bucks to get the other script I suggested, whats your server worth to you??

    And finally, if you need additional security assistance and are not sure what to do, you should hire a professional:
    System Administration Services | cPanel Forums
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #9 Infopro, Oct 14, 2016
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,396
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #10 cPanelMichael, Oct 14, 2016
  11. hrace009

    hrace009 Well-Known Member

    Joined:
    Dec 24, 2013
    Messages:
    75
    Likes Received:
    10
    Trophy Points:
    8
    Location:
    Root
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #11 hrace009, Oct 14, 2016
    cPanelMichael likes this.
  12. weetabix

    weetabix Well-Known Member

    Joined:
    Oct 26, 2006
    Messages:
    59
    Likes Received:
    3
    Trophy Points:
    158
    Also, I would suggest you install and configure Cloudlinux for some extra security.
     
    #12 weetabix, Oct 15, 2016
  13. hrace009

    hrace009 Well-Known Member

    Joined:
    Dec 24, 2013
    Messages:
    75
    Likes Received:
    10
    Trophy Points:
    8
    Location:
    Root
    cPanel Access Level:
    Root Administrator
    Twitter:
    hi thanks for your sugestion, i will think about it
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #13 hrace009, Oct 18, 2016
  14. torrent4all

    torrent4all Registered

    Joined:
    Oct 19, 2016
    Messages:
    4
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Cloudlinux is good option, but security is depending on your configurations :D
     
    #14 torrent4all, Oct 19, 2016
(You must log in or sign up to post here.)
Loading...
Similar Threads - Found Script Open
  1. Sanjay Narayan

    Access key found but it looks like logins not working, please regenerate it in WebHost Manager error

    Sanjay Narayan, Aug 12, 2018, in forum: General Discussion
    Replies:
    5
    Views:
    176
    cPanelLauren
    Aug 17, 2018 at 7:01 AM
  2. Orlando Pulgar

    SOLVED No hostname found for IP address

    Orlando Pulgar, Aug 10, 2018, in forum: E-mail Discussion
    Replies:
    2
    Views:
    64
    Orlando Pulgar
    Aug 10, 2018
  3. John11887

    404 Not found

    John11887, Aug 6, 2018, in forum: General Discussion
    Replies:
    4
    Views:
    85
    cPanelLauren
    Aug 7, 2018
  4. kiopeed

    No license entry found for your machine

    kiopeed, Aug 1, 2018, in forum: General Discussion
    Replies:
    10
    Views:
    100
    Infopro
    Aug 1, 2018
  5. PeteS

    "File not found." instead of custom 404 file with php-fpm enabled

    PeteS, Jul 25, 2018, in forum: EasyApache
    Replies:
    4
    Views:
    118
    PeteS
    Aug 2, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice