Advertisement
| CVE | Category | Price | Severity |
|---|---|---|---|
| Author | Risk | Exploitation Type | Date |
|---|---|---|---|
Unlock Wordpress Admin Login Disable Protection ========================================================= [+] Title :- Unlock Wordpress Admin Login Disable Protection [+] Version :- All Versions [+] Tested on :- Linux - Windows - Mac [+] Category :- webapps [+] Author :- Geek Girl [+] Team name :- Ternate Lab Pentesting [+] Official Page :- www.facebook.com/loading.gov/ [+] Official site : - http://www.idsecuritynews.com/ [+] Greedz to :- Indonesian People | Overload Team | IDSecurityNEWS | K33P-S1L3NT [+] Contact :- [email protected] ========================================================= [+] Can't you upload shell, because you target this blocked admin page area [+] [+] Request : symlink for get wp-config.php or shell cgi for bypass symlink [+] let's say you've planted a shell on a website [+] follow me example site : http://indonesianlanguage.net example protection : http://i.imgur.com/BQ4TAnk.png [+] open file wp-config.php for view username & password database [+] open you shell backdoor and open MYSQL Manager or Adminer [+] input username & password database target [+] if you have been in the target database [+] click table "wp_users" or random name table "random_name_users" and change password for you login admin area [+] click tabel "wp_options" or random_name_options [+] find a table name " Active_Plugins" and remove code and save [+] MYSQL Manager : http://i.imgur.com/6RyjbA7.png [+] Change pass wp : http://i.imgur.com/lSn0aGv.png [+] Remove code Plugins : http://i.imgur.com/oIokim1.png [+] Open you site target admin page for fix not blocked area [+] Redirect not blocked admin page area : http://i.imgur.com/UZTv1Cz.png [+] DONE!! : http://i.imgur.com/uevKfjD.png
Copyright ©2024 Exploitalert.