Skip to content
/ cloudssp Public

CPanel, Mail-Man backend leaker/Exploit? Anyways this leaks the backend even if you're using Cloud flare or Byte Fend.

Notifications You must be signed in to change notification settings

Phew/cloudssp

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 

Repository files navigation

cloudssp

Searching For Your Site

First you need to eee if your target is running cpanel, https://target.com/cpanel or use subdomainscanner and see if it has a www.cpanel.target.com if so the target might be vulnerable.

Looks like the site does not have the cpanel redirect on the main, lets check the subdomains And looks like we found www.cpanel.target.com, www.webmail.target.com, www.mail.target.com Okay so lets check if they have the service mailman running. www.webmail.target.com/mailman > 404 www.mail.taregt.com/mailman/ > 200 Okay, exploit time!

Exploiting

requires > python3
requires > requests, colorama
python3 cloudssp.py

About

CPanel, Mail-Man backend leaker/Exploit? Anyways this leaks the backend even if you're using Cloud flare or Byte Fend.

Topics

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages