## https://sploitus.com/exploit?id=EACA4A21-0231-5F08-B1FE-45E9F7326B97
# cPanel-CVE-2026-41940-Scanner



This high-performance security tool is designed to identify and exploit **CVE-2026-41940**, a critical CRLF injection vulnerability in cPanel & WHM. It automates the entire process from Shodan discovery to administrative token creation.
---
## Key Features
- **Automated Shodan Discovery**: Bulk fetch targets based on port, country, and specific page ranges.
- **Multi-threaded Engine**: High-speed scanning with configurable thread counts.
- **Persistent Queue System**: Uses SQLite to store pending targets, ensuring no progress is lost if the bot stops.
- **Auth Bypass & Token Creation**: Automates the 4-stage exploit to leak session tokens and generate WHM API tokens.
- **Domain Extraction**: Automatically pulls all hosted domains from the WHM panel upon successful entry.
- **Stealth & Robustness**: Advanced error handling (SSL/Timeout suppression) and canonical host resolution.
---
## Demonstration

> **Note:** The scanner provides real-time stage-by-step logging from `[0]` (Canonical Host) to `[4]` (Root Verification).
---
## Installation
1. **Clone the repository:**
```bash
git clone https://github.com/merdw/cPanel-CVE-2026-41940-Scanner.git
cd cPanel-CVE-2026-41940-Scanner
```
2. **Install dependencies:**
```bash
pip install -r requirements.txt
```
3. **Configure the tool:**
Edit `config.json` with your Shodan API key and scan preferences.
---
## Usage
Run the main orchestrator:
```bash
python main.py
```
### Modes:
- **1. Shodan Mode**: Automatically pulls targets from Shodan based on your `config.json` and starts scanning.
- **2. Manual Mode**: Enter a single IP or URL to test a specific target.
---
## Configuration (`config.json`)
```json
{
"shodan_api_key": "YOUR_API_KEY",
"threads": 25,
"timeout": 35,
"shodan_start_page": 1,
"shodan_pages": 10,
"shodan_country": "TR",
"scan_ports": [2087, 2083, 2096]
}
```
---
## โ ๏ธ Disclaimer
This tool is for educational purposes and authorized security testing only. The author is not responsible for any misuse or damage caused by this software. Use it at your own risk.
## ๐ Credits
Special thanks to **@watchtowrlabs** for the original research and exploit implementation. This PoC is a modified and extended version of their work.
---
## ๐ค Contribution
Feel free to open issues or submit pull requests to improve the scanner!
---
*Developed with โค๏ธ for the security community.*