The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Reinstall x3 theme

Discussion in 'User Experience' started by HTHP, Jun 27, 2009.

  1. HTHP

    HTHP Registered

    Joined:
    Jun 27, 2009
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hi,
    My friend's server was defaced by a script kiddie and he removed all index.* pages from the server and made here own index.html page.
    Now there's no backup at all! I removed all skiddie pages but users can't log into the cpanel because the original index.html in /usr/local/cpanel/base/frontend/x3/index.html is removed.
    I forced reinstallation with # /scripts/upcp --force and still we can't access to cpanel (btw there's no pb with log into WHM).
    Any idea how to reinstall completely cpanel or just reinstall the x3 theme??
    Thanks in advance.
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,472
    Likes Received:
    200
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Forcing a cPanel update should have fixed any theme problems if you are indeed running the default cPanel X3 theme. You should consult with a security professional, ASAP.

    If they defaced an accounts index.html that's one thing, if they got into the server itself and defaced a cPanel theme file (makes no sense really as if they can do that they should be able to do most anything else server wide. Why bother with a theme file no one can see but the user?)

    Was the account a reseller? If yes they might have set a customized/branded theme logged in as the reseller.
     
  3. HTHP

    HTHP Registered

    Joined:
    Jun 27, 2009
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I know how they got into the server... they got a root so they replace every index.* file into / by there index file.
    Now I removed all backdoors and shells, and I fixed all vulnerability in the server and in the php scripts.
    I have the account owner (root) and I need to copy every old index.* file in /usr/local/cpanel/base/frontend/ to fix the x3 theme.
    It will be great if someone compress index files in this directory and upload it somewhere so I can download it and replace the skiddie index files to fix the theme.
    Peace.
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,472
    Likes Received:
    200
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    That's not how it's done though. To repair your cPanel X3 theme you run an update as suggested which refreshes all files on the cPanel side of things. If that's not working for you after doing it, and you're sure your browser cache has been cleaned out first to check it, then you might contact cPanel to take a look. Doing a forced update should fix it.

    They got root access to your server and only changed index files? I wouldn't trust it, personally.
     
  5. HTHP

    HTHP Registered

    Joined:
    Jun 27, 2009
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    They only defaced some index pages and installed a rootkit that's why I called them script kiddies..
    I contacted the cpanel support and now it's work after forcing reinstall. It doesn't work for me beause in /etc/cpupdate.conf the CPANEL= line was set to never, that line must be manual-release..
    After doing this, a forced update fix it.
    Thanks Infopro for your time.
    Peace
     
Loading...

Share This Page