[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-80052":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":8,"htmlUrl":8,"language":9,"languages":8,"totalLinesOfCode":8,"stars":10,"forks":11,"watchers":12,"openIssues":13,"contributorsCount":13,"subscribersCount":13,"size":13,"stars1d":13,"stars7d":13,"stars30d":13,"stars90d":13,"forks30d":13,"starsTrendScore":13,"compositeScore":14,"rankGlobal":8,"rankLanguage":8,"license":8,"archived":15,"fork":15,"defaultBranch":16,"hasWiki":17,"hasPages":15,"topics":18,"createdAt":8,"pushedAt":8,"updatedAt":19,"readmeContent":20,"aiSummary":21,"trendingCount":13,"starSnapshotCount":13,"syncStatus":22,"lastSyncTime":23,"discoverSource":24},80052,"poc-cpanel-cve-2026-41940","XsanFlip\u002Fpoc-cpanel-cve-2026-41940","XsanFlip",null,"Python",62,11,63,0,3.24,false,"main",true,[],"2026-06-12 02:03:57","# POC cPanel CVE-2026-41940  \n\n\u003Cimg width=\"887\" height=\"642\" alt=\"Screenshot From 2026-05-01 22-58-10\" src=\"https:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002Fe48a3d83-ba00-4346-a63f-b8b8c851b44d\" \u002F>\n\n\nA high-performance, multi-threaded security auditing tool designed to detect **CVE-2026-41940**, a critical Authentication Bypass vulnerability in cPanel & WHM (discovered in April 2026).\n\nThis tool leverages a **CRLF Injection** technique in HTTP headers to identify if a cPanel service daemon (`cpsrvd`) is susceptible to unauthorized root access.\n\n## Key Features\n\n-   **Dynamic Port Discovery**: Automatically probes standard cPanel\u002FWHM ports (`2082`, `2083`, `2086`, `2087`) if no port is specified.\n    \n-   **Smart Detection**: Prioritizes user-defined ports (e.g., `1.2.3.4:2083`) but falls back to multi-port scanning for bare IPs\u002Fdomains.\n    \n-   **High Concurrency**: Built with `ThreadPoolExecutor` for rapid scanning of large IP lists.\n    \n-   **Beautiful Terminal UI**: Uses the `Rich` library for progress bars, status panels, and 
a comprehensive scan summary dashboard.\n    \n-   **Dual Output**: Generates both a detailed text report (`.txt`) and a structured data file (`.json`) for further analysis.\n    \n\n## Installation\n\n1.  **Clone the repository**:\n    \n    ```\n    git clone https:\u002F\u002Fgithub.com\u002Fxsanflip\u002Fpoc-cpanel-cve-2026-41940.git\n    cd poc-cpanel-cve-2026-41940\n    \n    ```\n    \n2.  **Install dependencies**:\n    \n    ```\n    pip install requests rich\n    \n    ```\n    \n\n## Usage\n\nPrepare a `targets.txt` file containing the IP addresses or domains you wish to audit (one per line).\n\n**Simple Scan:**\n\n```\npython cpanel-scan-cve.py\n\n```  \n\n## Output\n\n-   **Terminal**: Real-time status updates with a final summary table.\n    \n-   **`audit_results_detailed.txt`**: A human-readable report including server headers and detected versions.\n    \n-   **`audit_results.json`**: Machine-readable data for integration with other security tools.\n    \n\n## ⚠️ Disclaimer\n\nThis tool is provided for **educational purposes and authorized security auditing only**. Running this tool against targets without explicit permission is illegal and unethical. The developer (`xsanflip`) is not responsible for any misuse or damage caused by this program.\n\n**Author:** [xsanlahci](https:\u002F\u002Fgithub.com\u002Fxsanflip)\n\n**Research Reference:** Based on findings published by watchTowr Labs (April 2026).\n","This project is a high-performance, multi-threaded security auditing tool designed specifically to detect CVE-2026-41940, an authentication bypass vulnerability in cPanel & WHM. It uses a CRLF injection technique in HTTP headers to identify whether the cPanel service daemon (`cpsrvd`) is susceptible to unauthorized root access. Core features include dynamic port discovery, smart detection, high-concurrency scanning, and a polished terminal user interface, with support for generating a detailed text report and a structured data file. It suits scenarios that require rapid security auditing of large numbers of IP addresses or domains, particularly server environments running cPanel & WHM.",2,"2026-06-11 03:59:02","CREATED_QUERY"]