[wp-testers] Wordpress Google MD5 hash crack
Dan Coulter
dan at dancoulter.com
Wed Nov 21 16:47:32 GMT 2007
On Nov 21, 2007 10:33 AM, PkbCS Contact <contact at pkbcs.com> wrote:
> Obtaining the MD5 hash is not that difficult. A lot of shared hosts do
> not protect the web roots of their users properly which makes it a
> trivial task to obtain the contents of wp-config.php and connect to the
> user's database and obtain the hash.
If you get a WP install's database password, you can create your own
administrative user and you won't need to crack the md5 hash.
--
Dan Coulter
http://www.dancoulter.com/
http://www.phpflickr.com/
It is time - http://e-hobo.com/
Hey, I got nothing to do today but smile
-Simon and Garfunkel
More information about the wp-testers
mailing list