|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 76
Members: 0
Total: 76
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
|
Some time exploit don't pull out corect hash.Change this
$testcnt = 900000;// Use bigger numbers, if server is slow, default is 300000
..and try again.I have already tried that |
|
|
|
|
I just get a message telling me that the password is incorrect. :
I stand to be corrected,
But that should be enough to confirm that that admin has changed their password... ?
Therefore that hash ... |
|
|
|
|
Okay, I have attacked a WP 2.1.3 installation with this script and I got dbff23c64c0369382f5fd24f69d03695 as the user_pass and admin as the user. I have gotten help with cracking this to: c71c34
St ... |
|
|
|
|
You allready know plaintext password:
scorpion wrote:
MD5: dbff23c64c0369382f5fd24f69d03695
Should be: c71c34
So why you want to manipulate with cookies? Have you tried this password d ... |
|
|
|
|
I used the [url=http://www.waraxe.us/ftopic-1780-0-days0-orderasc-.html]WordPress 2.1.3 sql injection blind fishing exploit ver. 2 on a WP 2.1.2 blog. Everything worked out just fine but I have one is ... |
|
|
|
|
MD5: dbff23c64c0369382f5fd24f69d03695
Should be: c71c34It didn't work, but thanks alot anyway!
This is working password for that hash. It should work ...
Maybe admin allready changed his pa ... |
|
|
|
|
MD5: dbff23c64c0369382f5fd24f69d03695
Should be: c71c34It didn't work, but thanks alot anyway! |
|
|
|
|
$testcnt = 300000----> change this to 900000That did the trick, thanks alot!
It seems that I have some issues with creating the cookies though...
I run a MD5 on the blog adress (http://s ... |
|
|
|
|
MD5: dbff23c64c0369382f5fd24f69d03695
Wordpress hash
It would be greatly appreciated with some help on this one |
|
|
|
|
I'm running this on a 2.1.2 WP blog and it seems as if I get different results every time. Is there any exploit like this one that works on a 2.1.2 WP blog? |
|
|
Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|