QuoVadis Posted April 9, 2015 Report Share Posted April 9, 2015 Sunt curios ce fel de damage se poate face daca cunosti urmatoarele date de la un mysql la un site de wordpress?. Spre exemplu:/** The name of the database for WordPress */define('DB_NAME', 'xxxx');/** MySQL database username */define('DB_USER', 'xxxx');/** MySQL database password */define('DB_PASSWORD', 'xxxxxx');/** MySQL hostname */define('DB_HOST', 'xxxxx');define('AUTH_KEY', define('SECURE_AUTH_KEY', define('LOGGED_IN_KEY', define('NONCE_KEY',define('AUTH_SALT', define('SECURE_AUTH_SALT', define('LOGGED_IN_SALT',define('NONCE_SALT', Quote Link to comment Share on other sites More sharing options...
behave Posted April 9, 2015 Report Share Posted April 9, 2015 daca sql-ul nu permite remote connection nu prea ai ce anume.. Quote Link to comment Share on other sites More sharing options...
shadowSQLi Posted April 9, 2015 Report Share Posted April 9, 2015 daca sql-ul nu permite remote connection nu prea ai ce anume..si daca permite:te loghezi o. vezi hashul de la accountul adminului daca nu-l poti sparge il inlocuiesti cu unul stiut de tine-> intri wordpress admin panel->upload shell->gain acces root->upload irc bot=)) Quote Link to comment Share on other sites More sharing options...