Tuesday, December 26, 2017

Mass cPanel Password Changer from WHM (root / reseller) Python Script


What does this Script do?

This script changes all the cPanel passwords from WHM. it automatically generates random passwords and set them as cPanel passwords. it lists all the changed cPanel accounts in the following format:
domain.tld:2082|username|password

For what purpose it can be used?

it can be used for both good and bad purposes. for example,

good purpose:

suppose a hosting provider's server was hacked and the hacker has all the cPanel username and password access. Server admin patched the server but the cPanel passwords are still in the hackers hand! Server Admin may use this script to auto change all the passwords and further use the list to provide credentials to his customers. I am not aware of any feature from WHM which lets us change passwords by mass.

bad purpose:

as like the good purpose a hacker can use it to change all the passwords of cPanel accounts and use them in further scripts / programs as they are listed in a pattern.

Configuration:

edit the line where it says:
prefix1 = "PRO"
change the word "PRO" with anything. this will be added in the end of every randomly generated passwords.
example: &@hktbzpzPRO

Usage:

If you run the script you will see like this:

root@localhost:~/$ python change.py 

[=] Mass cPanel Pass Changer from WHM [=]
      [+] Coded By Skidie Khan [+]
       [-]TeaM Cyb3r Command0s[-]


[~]Type below format:(http://host:2086)
[$]~ 

Input your WHM URL like:
http://123.234.45.6789:2086
or, https://123.234.45.6789:2087

NOTE - if you use https and 2087 port your host must have a valid ssl certificate!
meaning if you see https warnings in browser when visiting your host this script won't work!
in that case use this script instead: httpschange.py
it has ssl verification disabled by default.

after providing whm url you will see like this:


[=] Mass cPanel Pass Changer from WHM [=]
      [+] Coded By Skidie Khan [+]
       [-]TeaM Cyb3r Command0s[-]


[~]Type below format:(http://host:2086)
[$]~ http://123.234.45.6789:2086
[~] Type below format: (user:accesshash)
[$]~ 

input your WHM username and accesshash seperated by a ":" if you are root input username as root or if you are reseller input the reseller username with the accesshash. remove line breaks from accesshash so the whole accesshash gets in one line.
for example: root:123445656647fdgr4rt4et5rge5463r45y545y5y45yd4545s5teg7d7dtyh5d56s5
or, reselleruser:123445656647fdgr4rt4et5rge5463r45y545y5y45yd4545s5teg7d7d6s5

NOTE - Don't put space between username:accesshash


After that it will start changing passwords and print them in this format: usersdomain.tld:2082|username|randompass

example output:
usersdomain1.co.uk:2082|user1|&@nharpunPRO
usersdomain12.com:2082|user2|&@mflfvvtPRO
userdomain123.net:2082|user3|&@krvatuzPRO


If you don't have the accesshash of whm and logged in using username and password you can get accesshash from

WHM Panel > Search > Remote Access Key

you will see something like this:
copy it and remove line breaks from it so all of these texts gets in 1 line and make sure there will be no space between them!

Download:

Github

 

This script can be used for good and bad purposes so use it at your own risk, this tutorial was written for educational purpose only and the author is not responsible for any damage done by you to others using this script.