WordPress 2.8.3 Remote admin reset password
Page 1 of 1
WordPress 2.8.3 Remote admin reset password
The way Wordpress handle a password reset looks like this: You submit your email adress or username via this form /wp-login.php?action=lostpassword ;
Wordpress send you a reset confirmation like that via email:
"
Someone has asked to reset the password for the following site and username. http://DOMAIN_NAME.TLD/wordpress
Username: admin
To reset your password visit the following address, otherwise just ignore this email and nothing will happen
http://DOMAIN_NAME.TLD/wordpress/wp-login.php?action=rp&key=o7naCKN3OoeU2KJMMsag "
You click on the link, and then Wordpress reset your admin password, and sends you over another email with your new credentials.
Let's see how it works:
http://seclists.org/fulldisclosure/2009/Aug/0113.html
Wordpress send you a reset confirmation like that via email:
"
Someone has asked to reset the password for the following site and username. http://DOMAIN_NAME.TLD/wordpress
Username: admin
To reset your password visit the following address, otherwise just ignore this email and nothing will happen
http://DOMAIN_NAME.TLD/wordpress/wp-login.php?action=rp&key=o7naCKN3OoeU2KJMMsag "
You click on the link, and then Wordpress reset your admin password, and sends you over another email with your new credentials.
Let's see how it works:
http://seclists.org/fulldisclosure/2009/Aug/0113.html
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» WARNING: 55,000 Twitter Password Reset Notifications
» How can I access A admin Password?
» Weak Password vulnerability in WordPress
» Introduction to Remote Administration and Monitoring Systems
» Safari for Windows 3.2.1 Remote http: URI handler DoS
» How can I access A admin Password?
» Weak Password vulnerability in WordPress
» Introduction to Remote Administration and Monitoring Systems
» Safari for Windows 3.2.1 Remote http: URI handler DoS
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|