/cloudssp

CPanel, Mail-Man backend leaker/Exploit? Anyways this leaks the backend even if you're using Cloud flare or Byte Fend.

Primary LanguagePython

cloudssp

Searching For Your Site

First you need to eee if your target is running cpanel, https://target.com/cpanel or use subdomainscanner and see if it has a www.cpanel.target.com if so the target might be vulnerable.

Looks like the site does not have the cpanel redirect on the main, lets check the subdomains And looks like we found www.cpanel.target.com, www.webmail.target.com, www.mail.target.com Okay so lets check if they have the service mailman running. www.webmail.target.com/mailman > 404 www.mail.taregt.com/mailman/ > 200 Okay, exploit time!

Exploiting

requires > python3
requires > requests, colorama
python3 cloudssp.py