Today’s release is another simple code written with PHP, We can consider this as an idea to read the Webalizer access log and FTP logs for every user on a Cpanel Linux server that uses Webalizer as a monitoring-logging method

in every Linux server that uses Cpanel there’s Webalizer available for the users on that server , if the user is using the Webalizer service, then we can access the Webalizer folders that exist inside the tmp folder of the user from any other user on the server with any permissions , so we can consider this as a bug because the Webalizer logs contains very important information and FTP users , it might lead to a big breach sometimes you can find compressed backups that logged inside the Webalizer logs.

So the Webalizer folders exist in the tmp folder of every user that uses webalizer…


so you will find two folders Webalizer and webalizerftp.

These two folders contain all the information we need and the hacker can find this info too useful for his hack to move inside the server or to reach his targeted website inside the server.

The tool is just a shortcut to read the Webalizer for all users inside the server.

You can check the tool on my GitHub:


This tool for Educational purpose only , to help the people who willing to make a bigger projects.

Alaa Abdulridha on EmailAlaa Abdulridha on FacebookAlaa Abdulridha on GithubAlaa Abdulridha on InstagramAlaa Abdulridha on LinkedinAlaa Abdulridha on Twitter
Alaa Abdulridha
My name is Alaa Abdulridha I'm a computer engineering student and cybersecurity researcher I'm interested in web application pen-testing and game development, also I'm interested in some bug bounty programs, I like a lot of things such as reverse engineering, reading the others code to learn and then to find my own exploits and teaching it to you, Do you want to know more about me? Click Here.