• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

Protect your Xampp in 10 seconds!

Azi

Azi

Banned User
Joined
Aug 12, 2007
Messages
1,167
Reaction score
53
Location
Włocławek
Hello, I wrote a simple script that will safeguard your database in the blink of an eye, 10 seconds is the time given, together with the script installation. : P

The script was made for the beginners who do not know how protect our database!

For the script to work, you can use it immediately after installing xampp, where the "root" is the default password set to blank.

What action will the script?
  • Removing the user "PMA" for any host, and for the local host, if exists.
  • Removing the user "ROOT" for any host, if exists.
  • Change user password "ROOT" for the local host, on randomly generated.

How to install script?

Immediately after the installation of Xampp, go to the htdocs folder and change the contents of the file "index.php" to the PHP code shown in the thread, then start Apache and visit http://localhost/index.php, and then delete the index.php!
Remember to save your generated password to the user "root"

Script:
PHP: 
<?php
error_reporting(0);
$connect = mysql_connect("localhost", "root", "");
	if(!$connect){
		echo "Unable to connect to the database for root@localhost. password must be empty (default).";
	}else{
		$query1 = mysql_query("DROP USER 'root'@'%';");
		if($query1){
			echo "\"ROOT\"@\"%\" - account for any host has been deleted.!";
		}
		$query2 = mysql_query("DROP USER 'pma'@'localhost';");
		if($query2){
			echo "\"PMA\"@\"LOCALHOST\" - account for local host has been deleted.";
		}		
		$query3 = mysql_query("DROP USER 'pma'@'%';");
		if($query3){
			echo "\"PMA\"@\"%\" -  account for any host has been deleted.!";
		}	
		$newpass = rand(1000000000, 9999999999);
		$query4 = mysql_query("SET PASSWORD FOR 'root'@'localhost' = PASSWORD( '".$newpass."' )");
		if($query4){
			echo "<font color=\"red\">\"ROOT\"@\"LOCALHOST\" - root account for localhost password has been changed to: <b>".$newpass."</b>, save this password and don't show it for anybody! If you lost password you can't connect to our database anymore!<BR>Now you can use user \"root\" with this password to connect with your database.</font>";
		}
		
	}

?>

Regards,
Azi.
 
possible. edit:

PHP: 
$connect = mysql_connect("localhost", "root", "YOUR_PASSWORD HERE");
:)
 
How bout' making this one a sticky? it's awsome and it's useful and doesn't deserv to be forgotten on page 57 or something...
 
I know im a nuub but

When I go to http://localhost/index.php it says
PHP: 
Unable to connect to the database for root@localhost. password must be empty (default).

I tried to make it emety
$connect = mysql_connect("localhost", "root", "");

and with passowrd
$connect = mysql_connect("localhost", "root", "XXXXX");

plix halp ;O
 

Similar threads

mar173
[13.21.13839][RLMAP] Fastest way to run Local Server
Replies
8
Views
3K
Freazy
F
222222
Linux How to secure a Linux server
Replies
12
Views
3K
TibiCAM
TibiCAM
Back
Top