How to hack a whm panel by lfi exploit
How to Hack a WHM Panel By Lfi Exploit
WHM ( Web Host Manager ) is a reseller
account in which the sites are hosted. If a attacker gets the access to
the whm panel he can deface all sites hosted in the WHM panel. There
are many exploits for hacking whm panel this time i will teach you how to hack a whm panel by LFI exploit. Local File Inclusion in the cart.php file of the site.
Things you required :-
- A lfi vulnerable whm site ( cart.php )
- A lfi exploit ( cart.php?a=projectx&templatefile=../../../configuration.php )
So lets get started :-
- First of all we will locate the cart.php hosted in the site in my case it is ( http://www.netxidh.com/support/cart.php ).
- Now we will put our lfi exploit after the cart.php and it will look like :-
- Now you see there is no data presented in the site like below ( only the template and other features )
- Now you have got the whm configuration file just press ctrl+u or right click>view-source. Scroll down a bit you will see the whm configuration file. ( see below screen shot ).
Yeah! we got the whm config file
now to command prompt. type ftp www.netxidh.com ( your whm site ) then
hit enter it will ask for the username and password. Type the username
and pass you got from the WHM config file. then you will be in the FTP of the site.
Enjoy some more sites :- http://pastie.org/3879195
No comments:
Post a Comment