The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Should we be pannicking?

Discussion in 'Security' started by AlexCl, May 8, 2013.

  1. AlexCl

    AlexCl Active Member

    Joined:
    Feb 19, 2013
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hello everyone,

    I've just come across a forum where some user apparently cracked cpanel and got account to all accounts on the server. Here's the link to the site and you can see a video of the guy actually doing it. It's a proper tutorial :|
    /http://www.zero-security.org/Thread-TuT-How-To-Crack-Cpanel-By-xHaZeR

    I don't know if Cpanel staff is aware of it. Should we be worried ?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,474
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    If you watched the video, he got into an account already, and then uploaded a file. Nothing new there, IMO. If someone gets into an account due to a weak password for example, and then uploads a file to the server like this person has, yes, you should be panicked.

    There are tools to remove that file as soon as its uploaded, like this one for an example:
    ConfigServer eXploit Scanner | cPanel App Catalog

    In other news, youtube is full of videos like this one. Lock down your server with good security, enforce good strong passwords for every account. Keep all software up to date. If you're not sure about server security, hire someone:
    Sys Admin Services | cPanel App Catalog
     
Loading...

Share This Page