Jump to content


Photo

[Solved] Cpanel Login Script And Cookies

cookies

  • This topic is locked This topic is locked
5 replies to this topic

#1 ablaty2

ablaty2

    Rank I Member

  • Members
  • Pip
  • 36 posts

Posted 13 April 2012 - 12:27 AM

Has the cpanel login cookie format been changed recently? A script that I've been using for a daily backup of my MySQL database recently stopped working.

I originally made the script based on this post:
http://www.helionet....4737#entry64737

Currently this is what the script returns: http://10stoptours.c...ipt/buMySQL.php

I have included a copy of the source.

Thanks,
Alex


php
# Edit email info
$to = "Alex <myemal@gmail.com>";
$from = "Automated Backup <dailybackup@10stoptours.com>";
$subject = "Mysql Backup";
$message = "10StopTours.com Mysql GZIP Backup";

# Edit cpanel backup info
# login is cpanel login username and password
$user_name = "username";
$user_pass = "password";
$database = "username_tours";
$domain = "10stoptours.com";
$url = "http://$domain:2082/getsqlbackup/$database.sql.gz";
$agent = "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)";
$cook_file = "curl_login_cookie.txt";

# get file extension
$extract = pathinfo($url);
$fname = ($extract['basename']);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_REFERER, "http://$domain");
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_UNRESTRICTED_AUTH, true);
curl_setopt($ch, CURLOPT_USERPWD, "$user_name:$user_pass");
curl_setopt($ch, CURLOPT_COOKIEFILE, $cook_file);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cook_file);

$result = curl_exec($ch);
$extract = curl_getinfo($ch);
$httpcode = $extract['http_code'];
curl_close($ch);

if ($httpcode >= 200 && $httpcode < 303) {

####### Email gzip attachment #######
$content = chunk_split(base64_encode($result));
$uid = md5(uniqid(time()));
$header = "From: $from\r\n";
$header .= "MIME-Version: 1.0\r\n";
$header .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n";
$header .= "This is a multi-part message in MIME format.\r\n";
$header .= "--".$uid."\r\n";
$header .= "Content-type:text/plain; charset=iso-8859-1\r\n";
$header .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
$header .= $message."\r\n\r\n";
$header .= "--".$uid."\r\n";
$header .= "Content-Type: application/x-gzip; name=\"".$fname."\"\r\n";
$header .= "Content-Transfer-Encoding: base64\r\n";
$header .= "Content-Disposition: attachment; filename=\"".$fname."\"\r\n\r\n";
$header .= $content."\r\n\r\n";
$header .= "--".$uid."--";
mail($to, $subject, $message, $header);
####### End email attachment ########

} else {
echo "cPanel Login Failed!";
}

# delete cookie file
if (file_exists($cook_file)) {
unlink($cook_file);
}
?>

#2 Byron

Byron

    Rank X Member

  • Root Admin
  • 7,976 posts
  • Gender:Male
  • Location:USA

Posted 13 April 2012 - 12:00 PM

I just ran this script on my site and it worked fine:

http://byrondallas.h...ysql_backup.txt

Make sure you can login manually to your cpanel and then check your login info on your script.



#3 ablaty2

ablaty2

    Rank I Member

  • Members
  • Pip
  • 36 posts

Posted 16 April 2012 - 09:19 PM

Thanks for the reply. I just double checked that my username and password were correct, but that didn't fix the problem. Is it possible that I have to configure the server to accept connections from itself (like in remote MySQL)?

Thanks again,
Alex

I think I figured out the problem. Is there anyway to fix it, other than changing my username? I played around with it and got this message (see bold):


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR...nsitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="shortcut icon" href="/cPanel_magic_revision_1255087532/unprotected/cpanel/favicon.ico" type="image/x-icon" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="robots" content="noindex, nofollow" />
<title>cPanel&reg; 11</title>
<link rel="stylesheet" href="/cPanel_magic_revision_1255087532/unprotected/cpanel/style_optimized.css" type="text/css" />
<!--[if IE]>
<style type="text/css">
#mid{
height:300px;
}
</style>
<![endif]-->
<meta name="robots" content="noindex, nofollow" />
</head>
<body>
<div id="wrap">
<div id="top"></div>
<div id="mid">
<div id="content-wrap" align="center">

<h1>Brute Force Protection</h1>
This account is currently locked out because a <a href='http://en.wikipedia.org/wiki/Brute_force_attack'>brute force attempt</a> was detected. Please wait a few minutes and try again. Attempting to login again will only increase this delay. If you frequently experience this problem, we recommend having your username changed to something less generic.
<form action="/login/" method="post" >
<input type="hidden" name="login_theme" value="cpanel" />
<table width="200px" class="login" cellpadding="0" cellspacing="0">
<tr>
<td align="left" colspan="2"><strong>Login</strong></td>
</tr>
<tr>
<td class="login_lines">Username&nbsp;</td>
<td class="login_lines"><input id="user" autofocus="autofocus" type="text" name="user" size="16" tabindex="1" /></td>
</tr>
<tr class="row2">
<td class="login_lines">Password&nbsp;</td>
<td class="login_lines"><input id="pass" type="password" name="pass" size="16" tabindex="2" /></td>
</tr>
<tr>
<td colspan="2" style="text-align: center"><input type="submit" value="Login" class="input-button" tabindex="3" /></td>
</tr>
</table>
<input type="hidden" name="goto_uri" value="/getsqlbackup/ablaty_tours.sql.gz" />
</form>
<script type="text/javascript">
//<![CDATA[
document.getElementById("user").focus();
/* Must not include external javascript -jnk 06.20.09 */
//]]>
</script>
</div>
</div>
<div id="bot">
</div>
&copy; cPanel, Inc. 2011
</div>
</body>
</html>

#4 Byron

Byron

    Rank X Member

  • Root Admin
  • 7,976 posts
  • Gender:Male
  • Location:USA

Posted 16 April 2012 - 09:43 PM

This support request is being escalated to our root admin.

@administrators: Does anybody know how to reset his brute force attempt problem?

#5 cl58

cl58

    Rank X Member

  • Moderators
  • 1,272 posts
  • Gender:Male
  • Location:New Jersey

Posted 17 April 2012 - 01:06 AM

It can be fixed from WHM.

Should be fixed.
Posted Image
cl58.tk
Support Administrator
Contact
Wiki | Facebook | Twitter | Feedback

*Please note CL58Services new home: cl58.tk
Posted ImagePosted Image

#6 Byron

Byron

    Rank X Member

  • Root Admin
  • 7,976 posts
  • Gender:Male
  • Location:USA

Posted 17 April 2012 - 01:43 AM

@cl58; Your right, it's fixed. It was fixed earlier by another admin. through PM.





Also tagged with one or more of these keywords: cookies

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users