Compromising XAMPP servers
Getting the shell back from the victim's system is easy. However, what if the target is a web server running the latest copy of XAMPP server? Well, if you have found a vulnerable server where you can upload files by exploiting a web application-based attack, such as some of the web application attacks, including remote file inclusion, SQL injections, or any other means of file upload, you can upload a malicious PHP meterpreter and get access to the target web server.
The PHP meterpreter
To learn the method discussed previously, we need a PHP-based meterpreter shell, which we can make using the following commands:
In the preceding command, R denotes a raw type of output that implies purely PHP-based output without any encoding.
We need to upload this PHP file onto the target web server and we need to start a handler for the back connection as well as shown in the following screenshot:
To run the PHP meterpreter file, ex.php, we simply need to navigate to the file using...
