[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : XAMPP 1.7.2 Change Administrative Password
# Published : 2009-12-11
# Author : bi0
# Previous Title : phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities
# Next Title : B2C Booking Centre Systems SQL Injection
# Title: XAMPP 1.7.2 Change Administrative Password
# Date: 11/12/2009
# Author: bi0
# Software Link: http://www.apachefriends.org/en/xampp-windows.html
# Version: 1.7.2
# Tested on: Windows XP / Windows Vista
# CVE : ()
______ __ ______
/ == / / __
__< /
_____ _ _____
/_____/ /_/ /_____/
[#]----------------------------------------------------------------[#]
#
# [x] XAMPP 1.7.2 Change Administrative Password
# [x] Author : bi0
# [x] Contact : bukibv@hotmail.com
# [+] Download : http://www.apachefriends.org/en/xampp-windows.html
#
[#]----------------------------------------------------------------[#]
#
# [x] Exploit :
#
# At the older versions of xampp "xamppsecurity.php" was allowed
# only for localhost but at version 1.7.2 i accessible by all
#
# http://example.com/security/xamppsecurity.php
#
# And you can change the .htacces user & pass and the phpMyAdmin pass
#
[#]----------------------------------------------------------------[#]
#EOF