Share
## https://sploitus.com/exploit?id=1B74412D-48E6-577C-8B75-929049456832
# CVE-2026-41940 โ€” WHM/cPanel Exploit Tool (Linux)

> โš ๏ธ **DISCLAIMER:** This tool is intended for **authorized penetration testing and educational purposes only**. Using this tool against systems without explicit written permission is **illegal**. The developers are not responsible for any misuse or damage caused.

---

## ๐Ÿ“Œ Description

**CVE-2026-41940** is an exploit tool targeting vulnerabilities in **WHM (WebHost Manager) / cPanel** servers running on port `2087`. The tool features a graphical user interface (GUI) built with **PyQt5** and is designed to run on **Linux** systems.

- **Target:** WHM / cPanel servers
- **Port:** 2087
- **Interface:** GUI (PyQt5)
- **Language:** Python 3
- **Author:** FriendsExploit

---

## ๐Ÿ“ Project Structure

```
CVE-2026-41940-Linux/
โ”œโ”€โ”€ CVE-2026-41940.py          # Main entry point
โ”œโ”€โ”€ requirements.txt           # Python dependencies
โ”œโ”€โ”€ Dork.txt                   # Google/Shodan dorks for target discovery
โ”œโ”€โ”€ pyarmor_runtime_000000/    # PyArmor runtime (obfuscation layer)
โ””โ”€โ”€ system/
    โ”œโ”€โ”€ __init__.py            # Module initializer
    โ”œโ”€โ”€ core.py                # Core exploit logic
    โ”œโ”€โ”€ gui.py                 # GUI components
    โ”œโ”€โ”€ styles.py              # UI styling
    โ””โ”€โ”€ workers.py             # Background worker threads
```

---

## โš™๏ธ Requirements

| Requirement | Version |
|---|---|
| OS | Linux (Kali recommended) |
| Python | >= 3.x |
| PyQt5 | >= 5.15.0 |
| urllib3 | >= 1.26.0 |

---

## ๐Ÿ› ๏ธ Installation & Setup

### 1. Clone or Download the Project

```bash
git clone https://github.com/willygailo/CVE-2026-41940-Linux.git
```

### 2. Install Dependencies

```bash
pip3 install -r requirements.txt
```

> If you're on Kali Linux and get an "externally managed environment" error:
```bash
pip3 install --break-system-packages -r requirements.txt
```

> Or install PyQt5 via apt:
```bash
sudo apt install python3-pyqt5 -y
```

---

## ๐Ÿš€ Usage

### Run the Tool

```bash
python3 CVE-2026-41940.py
```

### Suppress Warnings (Optional)

```bash
python3 CVE-2026-41940.py 2>/dev/null
```

### Run on Wayland (Optional)

```bash
QT_QPA_PLATFORM=wayland python3 CVE-2026-41940.py
```

---

## ๐Ÿ” Dorks for Target Discovery

Use the dorks in `Dork.txt` for finding targets via Shodan or Google:

```
title:"WHM Login"
title:"WebHost Manager" port:2087
product:"cPanel" port:2087
```

> ๐Ÿ”— [Shodan.io](https://www.shodan.io) | [Google](https://www.google.com)

---

## โš ๏ธ Common Warnings (Non-Fatal)

These warnings may appear on Linux โ€” they are **harmless** and do not affect functionality:

```
Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome. Use QT_QPA_PLATFORM=wayland to run on Wayland anyway.
QSocketNotifier: Can only be used with threads started with QThread
```

---

## ๐Ÿ“œ Legal Notice

This tool is provided **for educational and authorized security testing only**.

- โœ… Use only on systems you **own** or have **explicit written permission** to test.
- โŒ Do **NOT** use on unauthorized systems.
- The author assumes **no liability** for misuse of this tool.

---

## ๐Ÿท๏ธ Tags

`CVE-2026-41940` `WHM` `cPanel` `exploit` `penetration-testing` `linux` `pyqt5` `python3` `FriendsExploit`