{"id":22799791,"url":"https://github.com/chocapikk/cyberpanel","last_synced_at":"2025-06-24T06:02:08.203Z","repository":{"id":259935355,"uuid":"879866089","full_name":"Chocapikk/CyberPanel","owner":"Chocapikk","description":"CyberPanel v2.3.6 Pre-Auth RCE Exploit Tool","archived":false,"fork":false,"pushed_at":"2024-10-28T17:56:02.000Z","size":8,"stargazers_count":4,"open_issues_count":0,"forks_count":5,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-01T11:13:53.991Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Chocapikk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-10-28T17:23:46.000Z","updated_at":"2025-05-02T01:29:47.000Z","dependencies_parsed_at":"2024-10-28T18:48:09.816Z","dependency_job_id":null,"html_url":"https://github.com/Chocapikk/CyberPanel","commit_stats":null,"previous_names":["chocapikk/cyberpanel"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Chocapikk/CyberPanel","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Chocapikk%2FCyberPanel","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Chocapikk%2FCyberPanel/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Chocapikk%2FCyberPanel/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Chocapikk%2FCyberPanel/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Chocapikk","download_url":"https://codeload.github.com/Chocapikk/CyberPanel/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Chocapikk%2FCyberPanel/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":261618029,"owners_count":23185083,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-12T07:09:58.449Z","updated_at":"2025-06-24T06:02:08.150Z","avatar_url":"https://github.com/Chocapikk.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ๐ŸŒ CyberPanel v2.3.6 Pre-Auth RCE Exploit Tool\n\nCyberPanel v2.3.6 Pre-Auth RCE Exploit leverages a critical Remote Code Execution vulnerability in CyberPanel version 2.3.6. Thanks to [DreyAndโ€™s exceptional work](https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce), this vulnerability is well-documented and thoroughly explained.\n\n\u003e โญ **Donโ€™t forget to [follow DreyAnd on GitHub](https://github.com/DreyAnd) for more security insights and tools.** His contributions are invaluable to the security community!\n\n---\n\n### ๐Ÿ” Overview\n\nThe exploit targets the **`/dataBases/upgrademysqlstatus`** endpoint, which mishandles the `statusfile` parameter, allowing unauthorized command execution on the target server. \n\n- ๐Ÿ“ข Check out [LeakIXโ€™s latest update on exploitable CyberPanel instances](https://x.com/leak_ix/status/1850949064826745202).\n- ๐Ÿ”— **See over [22,000 results on LeakIX](https://leakix.net/) related to CyberPanel**.\n\n---\n\n### โš™๏ธ Features\n\n- ๐Ÿ’ป **Interactive Shell** for on-the-fly command execution on a target server.\n- ๐Ÿ“‚ **Bulk Exploitation** with multithreading for multiple targets.\n- ๐Ÿ“ **Output File Support** for saving results during bulk operations.\n\n---\n\n### ๐Ÿ› ๏ธ Installation\n\n1. **Clone this repository**:\n ```bash\n git clone https://github.com/Chocapikk/CyberPanel\n cd CyberPanel\n ```\n\n2. **Install dependencies**:\n ```bash\n pip install -r requirements.txt\n ```\n\n---\n\n### ๐Ÿš€ Usage\n\nRun the tool with the options provided below.\n\n**Basic Commands**:\n\n- **Single target in interactive mode** \n ```bash\n python exploit.py -u http://example.org\n ```\n\n- **Multiple targets from a file with output** \n ```bash\n python exploit.py -f targets.txt -o results.txt -t 10 \"uname -a\"\n ```\n\n### โš ๏ธ Disclaimer\n\nThis tool is intended solely for educational purposes and authorized security testing. **Unauthorized use of this tool on systems without explicit permission from the owner is illegal and unethical.** The developer assumes no liability or responsibility for misuse or damage caused by this tool.\n\n**Use responsibly and only on systems you own or have explicit permission to test.**","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchocapikk%2Fcyberpanel","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchocapikk%2Fcyberpanel","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchocapikk%2Fcyberpanel/lists"}