Should we be pannicking?

AlexCl

Active Member
Feb 19, 2013
42
0
6
cPanel Access Level
Root Administrator
Hello everyone,

I've just come across a forum where some user apparently cracked cpanel and got account to all accounts on the server. Here's the link to the site and you can see a video of the guy actually doing it. It's a proper tutorial :|
/http://www.zero-security.org/Thread-TuT-How-To-Crack-Cpanel-By-xHaZeR

I don't know if Cpanel staff is aware of it. Should we be worried ?
 

Infopro

Well-Known Member
May 20, 2003
17,113
507
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
If you watched the video, he got into an account already, and then uploaded a file. Nothing new there, IMO. If someone gets into an account due to a weak password for example, and then uploads a file to the server like this person has, yes, you should be panicked.

There are tools to remove that file as soon as its uploaded, like this one for an example:
ConfigServer eXploit Scanner | cPanel App Catalog

In other news, youtube is full of videos like this one. Lock down your server with good security, enforce good strong passwords for every account. Keep all software up to date. If you're not sure about server security, hire someone:
Sys Admin Services | cPanel App Catalog