[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : XAMPP 1.7.2 Change Administrative Password
# Published : 2009-12-11
# Author : bi0
# Previous Title : phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities
# Next Title : B2C Booking Centre Systems SQL Injection


# Title: XAMPP 1.7.2 Change Administrative Password
# Date: 11/12/2009
# Author: bi0
# Software Link: http://www.apachefriends.org/en/xampp-windows.html
# Version: 1.7.2
# Tested on: Windows XP / Windows Vista
# CVE : ()

                ______     __     ______
               /  ==    /    /  __ 
                  __<         / 
                 _____   _   _____
                 /_____/   /_/   /_____/


[#]----------------------------------------------------------------[#]
#
# [x] XAMPP 1.7.2 Change Administrative Password
# [x] Author : bi0
# [x] Contact : bukibv@hotmail.com
# [+] Download : http://www.apachefriends.org/en/xampp-windows.html
#
[#]----------------------------------------------------------------[#]
#
# [x] Exploit :
#
#   At the older versions of xampp "xamppsecurity.php" was allowed
#   only for localhost but at version 1.7.2 i accessible by all
#
#   http://example.com/security/xamppsecurity.php
#
#   And you can change the .htacces user & pass and the phpMyAdmin pass
#
[#]----------------------------------------------------------------[#]

#EOF