For people with encrypted files please see this post: cyberpanel 0day leaked attack script · GitHub
This post will be updated with more information as we get it.
If anyone is still using Centos 7 or can not get SSH access to the server, you can try this manual patch.
Once you get access to your server in rescue mode you can edit the following file
/usr/local/CyberCP/databases/views.py
Now update the content of this file with with content from our latest patched version. Which you can find here: https://raw.githubusercontent.com/usmannasir/cyberpanel/refs/heads/v2.3.8/databases/views.py
Please also read: Detials and fix of recent security issue and patch of CyberPanel
1 Like
What to do next after changing that file?
I’ve added the link on main post, please check cyberpanel 0day leaked attack script · GitHub
After update my server is completely down. I was not able to log in ssh. Some how i manage to login. And get back live cyberpanel. I can see my websites lists but sites are not working.
1 Like
kaiji
October 30, 2024, 8:06pm
5
you have upgraded and your server is dead now ? wow
what version of linux are you using ?
you007
October 30, 2024, 10:24pm
6
my view.py is locked how can I update the file?
i just accet [via Rescue Mode i it say
kibata
November 8, 2024, 8:48pm
10
usmannasir:
/usr/l
same thing to me. How can we solve this @usman ?
Ariyan
November 9, 2024, 4:18pm
11
You can upgrade the views.py manually and then can apply this as per the guide.
Hello
Hope everyone doing well.
I have seen so many users still couldn’t recover their servers.
NO Access to SSH ( Connection Refused or Timeout )
Unable to Access cyberpanel
Unable to Access Litespeed
Not able to Login to Server Console or Recovery Mode
After analysing 100+ servers in such situations, I have found that the hacker modified the netplan, network files and that’s why the server OS couldn’t connect to the Internet itself and nothing works!
There we can do these things to Initi…
