i will explain how to hack wordpress sites without cracking the hashes.
SQLi Vulnerable Wordpress Site
WP version Should Be <= 3.4.3
Lets Get Started.....
[#] Find Admin Username
Note down the admin username/email.
[#] Send Activation Key
[#] Get The Activation Key
Now you will be able to view the activation key
[#] Reset The Password Now finally all we have to do is append the following to the site url and edit it with your activation key and username.
eg:-
Now enter a new password reset the password and you will able to login it. :D
By now admin may know someone is trying to hack his website since we have sended an activation key to his email. Now its up to you to pawn the server fast.
hanks for reading.
Stay safe and gud luck!
Requirments:
For this tutorial, we’ll be using “http://www.target.com/somewordpressplugin.php?id=1” as an example.
Lets Get Started.....
[#] Find Admin Username
First step is to find the admin username. For finding admin username we will extract the column wp_users using SQLi.
eg:-
eg:-
Note down the admin username/email.
[#] Send Activation Key
a) Go to http://www.target.com/wp-login.php
b) Click on Lost your password ?
c) Now the wordpress will ask you for a username/email, enter the username/email of admin and click reset.
Now it should be saying
Check your e-mail for the confirmation link.
Now what wordpress does is it sends an activation key to the email address but also it sets the value of activation key in the database as well. Since we have an SQLi on that site we will be able to view the activation key in the database.
b) Click on Lost your password ?
c) Now the wordpress will ask you for a username/email, enter the username/email of admin and click reset.
Now it should be saying
Check your e-mail for the confirmation link.
Now what wordpress does is it sends an activation key to the email address but also it sets the value of activation key in the database as well. Since we have an SQLi on that site we will be able to view the activation key in the database.
[#] Get The Activation Key
Activation key is stored in the column user_activation_key so our query will be: eg:-
Now you will be able to view the activation key
[#] Reset The Password Now finally all we have to do is append the following to the site url and edit it with your activation key and username.
eg:-
Now enter a new password reset the password and you will able to login it. :D
By now admin may know someone is trying to hack his website since we have sended an activation key to his email. Now its up to you to pawn the server fast.
hanks for reading.
Stay safe and gud luck!
Post a Comment
EmoticonClick to see the code!
To insert emoticon you must added at least one space before the code.