Hack into WordPress with MySQL Access

There are many situations in which you may not have access to the WordPress backend but do have access to the database. If you have access to the MySQL database, you can execute the following code as a query to add a new user to the database and regain access.

Things to watch out for:

  • Check the database prefix
    If the tables on the left are named anything other than the standard ‘wp’ then you’ll need to edit your query to match.
  • Check the database name
    In order for the query to execute, it needs not only the correct table names but also the correct database name.
  • Check whether the WordPress installation is multisite
    If the WordPress installation is multisite, you’ll likely need ‘super admin’ access, which requires either adding your username to the ‘site_admins’ array in the wp_sitemeta table or using your active theme’s functions.php file to execute a built-in function that grants super admin status. See more here: https://drawne.com/add-super-admin-wordpress-network/

I always name my WordPress databases this way: domainname_wpdb, but your web host or designer likely followed a different convention.

-- We need to use a unique user ID; if the user ID already exists, this won't work as intended.
-- 14 is a safer user ID number, as most sites likely won't have 14 users.

INSERT INTO `mysite_wpdb`.`wp_users` (`ID`, `user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_activation_key`, `user_status`, `display_name`) VALUES ('14', 'Web Design INC.', MD5('password123'), 'Web Designer', 'design@webdesign.ca', '#', '2018-12-31 00:00:00', '', '0', 'Web');

-- The serialized value must use straight double quotes, or WordPress cannot read it.
INSERT INTO `mysite_wpdb`.`wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, '14', 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}');

INSERT INTO `mysite_wpdb`.`wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, '14', 'wp_user_level', '10');
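
Once you are back in, or whenever you audit a site, it is worth listing every account that holds administrator rights, since anyone with database access can run the same INSERTs. The queries below are an added example, not part of the original post; they assume the post's database name (`mysite_wpdb`) and the default `wp_` prefix.

```sql
-- Added example, not from the original post. Assumes the post's database name
-- (mysite_wpdb) and the default wp_ prefix. With a custom prefix the table
-- names AND the meta keys change: prefix abc_ means abc_users, abc_usermeta,
-- 'abc_capabilities' and 'abc_user_level'.

-- 1. Every account that holds the administrator role, newest first.
SELECT
    u.ID,
    u.user_login,
    u.user_email,
    u.user_registered,
    lvl.meta_value AS user_level,
    -- 1 when user_pass is a bare 32-character hex string, i.e. an unsalted MD5
    -- hash as written by MD5('...') in a manual INSERT. Passwords set through
    -- WordPress are stored as longer, salted hashes.
    (u.user_pass REGEXP '^[0-9a-f]{32}$') AS raw_md5_password
FROM `mysite_wpdb`.`wp_users` AS u
JOIN `mysite_wpdb`.`wp_usermeta` AS cap
      ON cap.user_id = u.ID
     AND cap.meta_key = 'wp_capabilities'
LEFT JOIN `mysite_wpdb`.`wp_usermeta` AS lvl
      ON lvl.user_id = u.ID
     AND lvl.meta_key = 'wp_user_level'
WHERE cap.meta_value LIKE '%s:13:"administrator";b:1;%'
ORDER BY u.user_registered DESC;

-- 2. Capability rows that point at no existing user (left over after a
--    partial cleanup or a failed INSERT into wp_users).
SELECT m.umeta_id, m.user_id, m.meta_value
FROM `mysite_wpdb`.`wp_usermeta` AS m
LEFT JOIN `mysite_wpdb`.`wp_users` AS u ON u.ID = m.user_id
WHERE m.meta_key = 'wp_capabilities'
  AND u.ID IS NULL;

-- 3. Multisite only: the serialized list of super admin logins.
SELECT site_id, meta_value
FROM `mysite_wpdb`.`wp_sitemeta`
WHERE meta_key = 'site_admins';
```

`user_registered` is whatever value the INSERT supplied, so treat it as a hint rather than proof of when an account appeared. WordPress rehashes an MD5 password the first time the account logs in, so `raw_md5_password` only flags accounts that have not logged in since they were inserted.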