KOPANEL security hole

[gerydeft2]

hi,
recently i was testing kopanel security and i found a way to get dbpass on any site who has kopanel installed
(then sql connect->exec master xp cmdshell net user add....administrator->remote and ur server is mine)

i wont tell u the exploit here, turks would abuse it.


if u want me to check if ur server is vulnerable or not write me a pm.


if i ll find the fix i ll post it here

 

[Advocate]

hi,
recently i was testing kopanel security and i found a way to get dbpass on any site who has kopanel installed
(then sql connect->exec master xp cmdshell net user add....administrator->remote and ur server is mine)

i wont tell u the exploit here, turks would abuse it.


if u want me to check if ur server is vulnerable or not write me a pm.


if i ll find the fix i ll post it here

is this apache based panels or all?

 

[gerydeft2]

all
just tested it on lostsoulzko.net -- worked

 

[spamman]

yup . Thanks for helping me fix it gerydeft xD

 

[pterodon]

seems like most server got it fixed tho

or atleast have it fixed now

 

[gerydeft2]

nah jonny if u read this u can tell them the fix^^

 

[ibsk8r]

interesting..my guess is that its an sql injection which lets you upload a php file which has the following line you just mentioned.

 

[pterodon]

interesting..my guess is that its an sql injection which lets you upload a php file which has the following line you just mentioned.

it is

well 2 more lines to be exact i think... then open the server via command on your pc
the method of this thing is pretty old (well, if it is the thing i think it is )

 

[gerydeft2]

nah with the exploit i can include any file instead of register.php or debug.php etc..

 

[ibsk8r]

nah with the exploit i can include any file instead of register.php or debug.php etc..

Interesting..I'd like to see this, mind contacting me ?

 

[OMEGAbuffer]

Interesting..I'd like to see this, mind contacting me ?

Someone wants to hack someone badly ^_^

BTW, PMed.

 

[ibsk8r]

Someone wants to hack someone badly ^_^

BTW, PMed.

How about someone wants to keep his server alive and safe?
Do you even know me?
Judging me based on .. what?

 

[gerydeft2]

ok if u want to make ur kopanel secure then go index.php

and make all $_GET[act] part test($_GET[act]) if u have heteric's anti sql injection.php

my msn is [email protected]

 

[OMEGAbuffer]

ok if u want to make ur kopanel secure then go index.php

and make all $_GET[act] part test($_GET[act]) if u have heteric's anti sql injection.php

my msn is [email protected]

Can you explain that in modern English/for noobs language? ^_^

 

[spamman]

Don't worry about it Asian yours is fine. Gerydeft, This only works on IIS. Apache servers have built in protection. Infact, if you setup your security properties correctly for the IIS user, it doesn't work then either. It seems most peopleusing IIS are giving the IIS full administrative permissions.

 

[rattrap1337]

Spamman, I would like to see this as well, as I have a very nice defensive system. It would be a good test to my defense system.. However I need a new power supply first.

 

[OMEGAbuffer]

Thank You Gerydeft ^_^

-OMEGA on MSN ._.

 

[IceMan1300]

It seems most peopleusing IIS are giving the IIS full administrative permissions.

Which entirely defeats the purpose. :/

I wish people could get a clue for once.

 

[theoutlawtorn]

guys can someone share me the files that used on lostsoulz.net ( i mean there was an older version of that i need this i don't mean give me files of lostsoulz.net ) thanks a lot

 

[OMEGAbuffer]

guys can someone share me the files that used on lostsoulz.net ( i mean there was an older version of that i need this i don't mean give me files of lostsoulz.net ) thanks a lot

LOL

On-Topic : I would suggest using Heretic's KO Panel because I heard it was the most protected from SQL Inject of the released KO Panels...