
Thread: Zpanel 10.0.x Remote File Disclosure to Root

  1. #1

    Zpanel 10.0.x Remote File Disclosure to Root

    Hello garage!
    Long time no contribution in the Garage community, so I thought of sharing a small finding of mine.


    What is ZpanelCP?
    ZPanel is a free and complete web hosting control panel for Microsoft® Windows™ and POSIX (Linux, UNIX and MacOSX) based servers.

    So basically this started like 4-5 months back when I was randomly testing bugs on web hosting panels listed in Wikipedia.
    Got a small File Disclosure bug in the panel. *Became a good boy and reported it to the vendor, as it is an open-source project.*

    Waited for 4+ months: No reply. Follow-ups. No reply! Patching other bugs.

    So I started working on it again and thought of making "Remote File Disclosure" exploitable (RCE).

    Remote File Disclosure:


    After wandering here and there for some time, I understood.

    ZpanelCP ships with a built-in phpMyAdmin, and through our exploit we grabbed the database config file. *All ZpanelCP installs use the root account*
    MySQL INTO OUTFILE always comes in handy when you have root logins for MySQL.

    Logged inside phpMyAdmin:



    Output of INTO OUTFILE :


    Uploaded a simple backdoor on the server:


    Now, all thanks to modest ZpanelCP, which also bundles a privilege escalation exploit through which any root command can be executed via
    Code:
    /etc/zpanel/panel/bin/zsudo
    Add Root User :


    Game Over!
    Happy Pwning


    Note: I didn't post any exploit code here; for more information, PM me. I will be happy to share the exploit code with Garage members!
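
Added example, not part of the original post and not the poster's code: a detection check for the `INTO OUTFILE` step described above, run over MySQL general query log lines. The web-root list, the script extensions and the sample log lines are assumptions constructed for illustration.

```python
import posixpath
import re

# Assumed locations where a written file would be served or executed.
# "/etc/zpanel/panel" comes from the zsudo path in the post; "/var/www" is a guess.
WEB_ROOTS = ("/var/www", "/etc/zpanel/panel")
SCRIPT_EXTS = {".php", ".phtml", ".cgi", ".pl", ".py", ".sh"}

# INTO OUTFILE / INTO DUMPFILE followed by a quoted target path.
FILE_WRITE = re.compile(r"\bINTO\s+(?:OUTFILE|DUMPFILE)\s+(['\"])(.+?)\1", re.IGNORECASE)


def classify(statement):
    """Return (severity, normalised_path) if the statement writes a file, else None."""
    match = FILE_WRITE.search(statement)
    if match is None:
        return None
    # Collapse "../" so a path cannot dodge the web-root prefix check.
    path = posixpath.normpath(match.group(2))
    in_web_root = any(path.startswith(root + "/") for root in WEB_ROOTS)
    is_script = posixpath.splitext(path)[1].lower() in SCRIPT_EXTS
    if in_web_root and is_script:
        return ("critical", path)
    if in_web_root or is_script:
        return ("high", path)
    return ("info", path)


def scan_general_log(lines):
    """Return (timestamp, severity, path) for each file-writing query in the log."""
    findings = []
    for line in lines:
        result = classify(line)
        if result:
            findings.append((line.split(None, 1)[0],) + result)
    return findings


# Constructed sample lines in the general query log layout (time, id, command, argument).
SAMPLE_LOG = [
    "2024-01-01T10:00:00.000000Z\t   11 Query\tSELECT id, name FROM accounts INTO OUTFILE '/tmp/export.csv'",
    "2024-01-01T10:00:05.000000Z\t   12 Query\tSELECT 'placeholder' INTO OUTFILE '/var/www/html/x.php'",
    '2024-01-01T10:00:09.000000Z\t   12 Query\tselect 1 into dumpfile "/tmp/../etc/zpanel/panel/y.txt"',
    "2024-01-01T10:00:12.000000Z\t   13 Query\tSELECT * FROM accounts",
]

if __name__ == "__main__":
    for finding in scan_general_log(SAMPLE_LOG):
        print(*finding)
```

Setting MySQL's `secure_file_priv` to a dedicated export directory, and not letting the panel connect as the MySQL root account, removes the file-write step this check looks for.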

  2. #2
    Nice finding, sir...
    Keep it up...

    “I have not failed. I’ve just found 10,000 ways that won’t work.”

  3. #3
    Where can I find this exploit? It looks pretty nice.

  4. #4
    This is very great! Do you mind sharing it with me? I can't send a PM to you, so can you send it to me?
    My email is: van.computerization@gmail.com

    Thank you!
    -GoogleFahmi
