stormthefront
- Total activity 23
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 6
Comments
Recent activity by stormthefront-
Hello, using the UAPI path parameter I can see that the absolute path is: "path":"/homehdd/user","nicemode":"0711","humansize":"57 bytes","size":"57","fullpath":"/homehdd/user","absdir":"/homehdd...
-
Hello, It is supposedly related (although the issue there has been RESOLVED by implementing a hook - it is no longer present). Here, however it seems that if I change the GET request to https://...
-
Hello, more debug info : Request URL: https://server.com:2083/cpsess4352439023/download?skipencode=1&file=%2fhomehdd%2username%2fpublic_html%2fdir%2ffile.tar.gz Request Method: GET Status Co...
-
So, tracing the process it seems that the backupadmin binary thinks the the backup file and the dest dir are on the same fs and send the system rename() call : 321615 rename("/home/321615.BIN_ADM...
-
Thanks for moderating my comment without reading it and adding the closing code tag after non code sentences!
-
Hello, Yeah, exactly - the "exploit" in the article is not some mind boggling novelty in the way the authors are trying to present it. Either way, you have to take into consideration the fact that...
-
Hello Cody, Thanks for the reply. This is a requirement I have to follow - e.g. looping through these networks and looking for IP addresses with a cPanel license - this means not all of them are g...
-
Hello Eric, thanks a lot for forwarding this, really appreciate it. Regards, K
-
By the way, forgot to mention that this happened during/after a cPanel update, but I failed to find any relevant info inside the logs. Update timestamps for all affected servers gravitate towards t...