Things Required -
- shelled website with open directories in it .
Step by Step Guide -
- First you must know Jumping server . if you dont know how to then stop reading & learn that first .
- So we have to do jumping server with our shell & then you will get many dir like config.php, configuration.php, wp-config.php .
- Then now after we have got those directories, then we will open it then there we could find the mysql DB name, DB username, DB password .
- So after you have got username & password, now you have to connect to MySQL database server . so we will open the MySQL option ( b374k shell ) & then there we have to enter the username & password .
- After you have logged in then there you will see 2 database one would be information_schema & the other one would be of some name mostly with the database name . Then click on the database which i told would be with the name of database .
- Then after clicking on it you have to search for wp-users . Then after finding it you have to click on it, finally there you would find the users & admin username & password .
- You have successfully found the password but the problem is that its very hard to crack that hash . so now we would reset the password query in that black box . go in the black box & type this -
UPDATE wp_users SET user_pass =md5( '123456') WHERE user_login = 'admin';
Then click on Go ! , after you have done it you will get a reply given below like this
UPDATE wp_users SET user_pass =md5( '123456') WHERE user_login = 'admin'; [ok]
- Now you are almost done ! Just open the login page www.yoursite.com/wp-admin/ & Upload your shell .
Hope you all like this tutorial & if any problem then mention it Via Comments ;)
No comments:
Post a Comment