on my previous post we have posted on Shell jumping also we have posted more on SymLink You can check on above two link so after uploading shell if you want to acess in same site where you uploaded shell then simply we have to do is edit wp-config.php
Copy MySQL Database's username and password from wp-config.php
Now Goto MYSQL option in b374k shell
and paste username and password there
Now Click on Go
Now you wil get 2 tables There
click on table below information_schema
click on 2 table and find wp_users columns there
and click on wp_users
you'll get admin username password and email there,
but its Hard to crack wp password so we need to reset it with own hash !
simply put there password reset Query in Black Box
UPDATE wp_users SET user_pass =md5( '123456') WHERE user_login = 'admin';
and Click On Go
you'll get a Reply
UPDATE wp_users SET user_pass =md5( '123456') WHERE user_login = 'admin'; [ok]
its means Password changed successfully !
Now goto : http://www.site.com/wp-admin and login there =)
Home
»
Hacking
»
WordPress Hacking
» Gaining admin Access in wordpress after uploading shell complete tutorial
Subscribe to:
Post Comments (Atom)
Post a Comment
Post a Comment
Feel Free To Ask Your Query we Love To Answer