Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHP LiveAPI API Privilege Escalation / how to call

Discussion in 'cPanel Developers' started by TheMrg, Nov 29, 2017.

Tags:
  1. TheMrg

    TheMrg Registered

    Joined:
    Nov 29, 2017
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Germany
    cPanel Access Level:
    Reseller Owner
    Hi, question about privilege escalation from PHP LiveAPI:

    i addes namespace and modul in /usr/local/cpanel/bin/admin/Test (with test and test.conf)
    added paper_lantern/test/test.live.php and test.live.pl
    with perl i can call

    $val = Cpanel::AdminBin::Call::call(
    'Test',
    'test',
    "callfkt",
    "argum",
    );
    succesfully

    But how to call it from PHP LiveAPI?

    $data=$cpanel->api2('Test', 'test', array('modul'=>'callfkt','args'=>'argum'));
    This is or little different isnot working. sure. This means call Test.pm to Cpanel

    Is there a api2 or uapi call to the "Cpanel::AdminBin::Call::call" ?
    Or other method to call my root / priv. esc. Script?

    Explain:
    This is because my plugin needs PHP. So paper_lantern/test/test.live.php is needed (no perl).

    Thanks.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,721
    Likes Received:
    1,705
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Here's a response from one of our Technical Analyst's answering a similiar question in a support ticket (it was for a different purpose, but appears to apply to your question as well):

    Thank you.
     
  3. TheMrg

    TheMrg Registered

    Joined:
    Nov 29, 2017
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Germany
    cPanel Access Level:
    Reseller Owner
    Thanks, but how can we run a PHP Script as Root with this succestion?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,721
    Likes Received:
    1,705
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    My understanding is that using PHP for that purpose isn't supported. Feel free to send an email to integration@cpanel.net if you'd like some additional feedback to this question from one of our Developers.

    Thank you.
     
Loading...

Share This Page