Should we be pannicking?

AlexCl · May 8, 2013

Hello everyone,

I've just come across a forum where some user apparently cracked cpanel and got account to all accounts on the server. Here's the link to the site and you can see a video of the guy actually doing it. It's a proper tutorial :|
/http://www.zero-security.org/Thread-TuT-How-To-Crack-Cpanel-By-xHaZeR

I don't know if Cpanel staff is aware of it. Should we be worried ?

Infopro · May 8, 2013

If you watched the video, he got into an account already, and then uploaded a file. Nothing new there, IMO. If someone gets into an account due to a weak password for example, and then uploads a file to the server like this person has, yes, you should be panicked.

There are tools to remove that file as soon as its uploaded, like this one for an example:
ConfigServer eXploit Scanner | cPanel App Catalog

In other news, youtube is full of videos like this one. Lock down your server with good security, enforce good strong passwords for every account. Keep all software up to date. If you're not sure about server security, hire someone:
Sys Admin Services | cPanel App Catalog

Thread starter	Similar threads	Forum	Replies	Date
M	SOLVED Openssl-1.1.1n : Should we update it manually or will it be done by cpanel soon?	Security	15	Mar 16, 2022
	AutoSSL - Any ETA at all when it will be working as it should and was before?	Security	4	Feb 22, 2022
	email CSF: "...If the change is unexpected it should be investigated", how investigate?	Security	6	Apr 1, 2021
T	Should I secure my cpanel	Security	3	Feb 26, 2021
K	Should ModSecurity Configuration SecConnEngine be set to on?	Security	1	Jul 20, 2020

Search

Search

Should we be pannicking?

AlexCl

Active Member

Infopro

Well-Known Member