Pin It

How To Crack Cpanel Passwords

Ok now lets talk about something different today.. many hackers just deface index pages for fame, many wants to get the hold on the server... some are genious and some are script kiddies... what if you got access to the server with limited permissions... and you have targeted a website on that server... what would you do at that time...!

And the real game STARTS NOW... we will learn how to crack a Cpanel password for all the websites that are hosted on that server or the particular one with the help of this method "Cpanel Cracking/Hacking!"...!!

First of all...we need a cpanel cracking shell on that server to crack the passwords of the websites that are hosted on that server!!

Step 1

First we have to upload cp.php cpanel cracking shell on that server to start our journey...!!

Step 2

Second thing we need, is the mother of this method!! Yes...we need Usernames of the websites and a Extremely capable password dictionary to crack!!

Now lets start...

Grab all the usernames of websites hosted on the website with the help these commands

1- "ls /var/mail"
2- "/etc/passwd"

Now you will see all the usersnames of the websites and the password list you have provided! Just press the "Go" button and just wait and watch your success!

If you have supplied strong enough password list then you will the a good response from the server ;) like this "Cracking success with username "ABC" with password "XYZ"

else it will show you negative response like this "Please put some good passwords to crack username "ABC" :( "

Inshort... the success of cracking usernames is directly proportional to the password dictionary provided  ;)

About The Author:

This article is writen by Mirza Burhan baig, He is an Independent Security Researcher & love to Break and Fix Things, running his own security firm BlackBitZ!

Subscribe to our Newsletter and receive updates directly via email - Get Ethical hacking and security tips directly to your inbox. Alternatively you can Join our Hackers Community on Facebook , Google+ and Twitter .

At RHA Infosec we provide different types of Security Testing from small business sites to Corporate Sites. Click Here to know more about our complete list of services.

Subscribe to RHA

Enjoyed this article?
Subscribe to "Rafay Hacking Articles" and get daily updates in your inbox for free!

Kindly Bookmark it and Share it with Friends:


Anonymous said...

compliments for the text , its helpful! but please, can u explain to me how to get cp.php to the server?! all the best!

Technononimous on August 20, 2012 at 3:38 AM said...


Anonymous said...

but how to upload a cp shell to that servr and how can i knw the server name

Anonymous said...

Even if I find out the name and ip address of that server, how will I upload that php file on that particular server? Why would the owner/administrator allow any unknown user to upload any file on his server?

Rafay Baloch on August 23, 2012 at 11:42 AM said...

You need already have a shell uploaded on the sever, in order to use this CPANEL CRACKER.

daylexmrcracker on August 25, 2012 at 5:35 AM said...

i have uploaded cp.php do i get username and passwordsof the vulnerable cpanels

Anonymous said...

where do i input those commands for the username and pasword

Anonymous said...

what about uploading c99 shell and have root privilage rather than uploading cp.php ........Thnks

Muhammad Ahmed on December 18, 2012 at 6:53 AM said...

Can we come to knw earlier if shell uploading will work or not? Because I av tried sql injection lot of time and got success, was able to get username and passwords also... but when I was trying to get access to the server by uploading shell, I failed each time. Shells did get uploaded, but did never run....

Anonymous said...

Any one can help me to hack CPanel of a website.. you will be paid on completing stuff. contact me at

Anonymous said...

Update Download Link Please

Dare to ask? :)

Blog Archive


Recent Comments


Rafay Baloch is an Independent security researcher, Internet marketer, Entrepreneur and a SEO consultant, He is the founder of RHA blog and multiple other blogs. Rafay got famous after finding a Remote Code Execution bug inside PayPal for which PayPal awarded him a sum of 10,000$ Read More..

Join In!

RHA © 2013. All Rights Reserved.