willygailo/CVE-2026-41940-Linux

# CVE-2026-41940 — WHM/cPanel Exploit Tool (Linux) ## 📌 Description **CVE-2026-41940** is an exploit tool targeting vulnerabilities in **WHM (WebHost Manager) / cPanel** servers running on port `2087`. The tool features a graphical user interface (GUI) built with **PyQt5** and is designed to run on **Linux** systems. - **Target:** WHM / cPanel servers - **Port:** 2087 - **Interface:** GUI (PyQt5) - **Language:** Python 3 - **Author:** FriendsExploit ## 📁 Project Structure CVE-2026-41940-Linux/ ├── CVE-2026-41940.py # Main entry point ├── requirements.txt # Python dependencies ├── Dork.txt # Google/Shodan dorks for target discovery ├── pyarmor_runtime_000000/ # PyArmor runtime (obfuscation layer) └── system/ ├── __init__.py # Module initializer ├── core.py # Core exploit logic ├── gui.py # GUI components ├── styles.py # UI styling └── workers.py # Background worker threads ## ⚙️ Requirements | Requirement | Version | |---|---| | OS | Linux (Kali recommended) | | Python | >= 3.x | | PyQt5 | >= 5.15.0 | | urllib3 | >= 1.26.0 | ## 🛠️ Installation & Setup ### 1. Clone or Download the Project git clone https://github.com/willygailo/CVE-2026-41940-Linux.git ### 2. Install Dependencies pip3 install -r requirements.txt pip3 install --break-system-packages -r requirements.txt sudo apt install python3-pyqt5 -y ## 🚀 Usage ### Run the Tool python3 CVE-2026-41940.py ### Suppress Warnings (Optional) python3 CVE-2026-41940.py 2>/dev/null ### Run on Wayland (Optional) QT_QPA_PLATFORM=wayland python3 CVE-2026-41940.py ## 🔍 Dorks for Target Discovery Use the dorks in `Dork.txt` for finding targets via Shodan or Google: title:"WHM Login" title:"WebHost Manager" port:2087 product:"cPanel" port:2087 ## ⚠️ Common Warnings (Non-Fatal) These warnings may appear on Linux — they are **harmless** and do not affect functionality: Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome. Use QT_QPA_PLATFORM=wayland to run on Wayland anyway. QSocketNotifier: Can only be used with threads started with QThread ## 📜 Legal Notice This tool is provided **for educational and authorized security testing only**. - ✅ Use only on systems you **own** or have **explicit written permission** to test. - ❌ Do **NOT** use on unauthorized systems. - The author assumes **no liability** for misuse of this tool. ## 🏷️ Tags `CVE-2026-41940` `WHM` `cPanel` `exploit` `penetration-testing` `linux` `pyqt5` `python3` `FriendsExploit`