How to get into a WordPress site without a login, just FTP

August 22, 2011 | Time Savers, Troubleshooting, Tutorials, Wordpress | 5 comments

OK, interesting problem for you… your client gives you the FTP information for his server but has no idea what the admin password is for the WordPress site you are supposed to be working on. Sounds a little odd, but in the case I experienced the user account was an Editor role which is, in effect, useless if you want to play with plugins or users etc…

Here’s how I got in…

WordPress stores its passwords as hashes in the database for security purposes. Annoying if you are trying to find out other people’s passwords though. Luckily the hashing algorithm is standard md5 across any site you use. I have several WordPress sites of my own set up so I opened up Navicat and got the password hash for a site I know the password to.

I then opened up the functions.php file for the theme I knew was active on the client’s server and added the following code:

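global $wpdb;

// Query 1: dump the users table to find the admin login name and note its original hash.
$sql = 'SELECT * FROM ' . $wpdb->users;
echo '<pre>';
print_r($wpdb->get_results($sql));
echo '</pre>';

// Query 2: overwrite the hash for user ID 1 with one whose password you know.
// The single-quoted PHP string keeps $P$... from being parsed as a variable.
$sql = 'UPDATE ' . $wpdb->users . ' SET user_pass = "$P$Ba8do3KsWiaThA80UbfHygumoUFu3i1" WHERE ID = 1';
$wpdb->query($sql);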

Idiot proof, right! You need the first query to give you the name of the admin account (the one with the ID of 1) and the original hash to put back once you have your own user. The second part updates that record with your own password hash. Only run the page once, and make sure to write down the old password hash first, because otherwise you will lose it on the second refresh.

Once in, I simply created my own administrator user and then replaced the hash in the second query with the original, ran it, removed the code and I was done.
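Seen from the site owner's side, an edit like the one above leaves recognisable traces in the theme files. The scanner below is an added example, not code from the original post; the rule names and the sample file contents are constructed for illustration. It flags PHP source that writes user_pass directly, embeds a `$P$` hash literal, or reads the users table with raw SQL.

```python
import re
from pathlib import Path

# Heuristic rules (names are illustrative), evaluated line by line.
RULES = [
    ("direct-user_pass-write", re.compile(r"\bUPDATE\b.*\buser_pass\b", re.I)),
    ("hardcoded-password-hash", re.compile(r"\$[PH]\$[./0-9A-Za-z]{31}")),
    ("raw-users-table-read",
     re.compile(r"\bSELECT\b.*\bFROM\b.*(\$wpdb->users|wp_users)", re.I)),
]

def scan_source(text):
    """Return (line_number, rule_name) for every rule hit in one PHP source."""
    return [(n, name)
            for n, line in enumerate(text.splitlines(), 1)
            for name, rx in RULES if rx.search(line)]

def scan_tree(root):
    """Scan every .php file under root, e.g. a wp-content directory."""
    report = {}
    for path in sorted(Path(root).rglob("*.php")):
        hits = scan_source(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            report[str(path)] = hits
    return report

# Constructed sample: a functions.php carrying the snippet from the post.
SAMPLE = r'''<?php
global $wpdb;
$sql = 'SELECT * FROM ' . $wpdb->users;
print_r($wpdb->get_results($sql));
$sql = 'UPDATE ' . $wpdb->users . ' SET user_pass = "$P$Ba8do3KsWiaThA80UbfHygumoUFu3i1" WHERE ID = 1';
$wpdb->query($sql);
'''

if __name__ == "__main__":
    for lineno, rule in scan_source(SAMPLE):
        print(f"functions.php:{lineno}: {rule}")
```

Hits are leads for review rather than verdicts: code that goes through WordPress's own user functions will not match, and a plugin with a legitimate reason to query the users table will.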

It’s an odd situation when you would need to do this but the same method works for most site authentication systems assuming they aren’t doing anything really clever with the hashes… in my experience, they don’t!

Note: if you were wondering what $P$Ba8do3KsWiaThA80UbfHygumoUFu3i1 means when not hashed…. it’s ‘sausages’ 🙂
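The `$P$` prefix marks a phpass "portable" hash: the next character encodes the iteration count, the following eight are the salt, and the remainder is an iterated MD5 digest, so everything needed to verify it travels inside the string. The Python below is an added illustration, not code from the original post or from WordPress, and its function names are assumptions; it shows why a hash generated on one install validates on another, and why a plaintext value written into user_pass never does.

```python
import hashlib
import hmac

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def parse_phpass(stored):
    """Split a 34-character $P$ hash into its fields; None if it is not one."""
    if len(stored) != 34 or not stored.startswith("$P$"):
        return None
    if any(c not in ITOA64 for c in stored[3:]):
        return None
    log2_rounds = ITOA64.index(stored[3])
    if not 7 <= log2_rounds <= 30:
        return None
    return {"log2_rounds": log2_rounds, "salt": stored[4:12], "digest": stored[12:]}

def _encode64(data):
    """phpass's base64 variant: little-endian 3-byte groups, 6 bits per char."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        value = int.from_bytes(chunk, "little")
        for _ in range(len(chunk) + 1):
            out.append(ITOA64[value & 0x3F])
            value >>= 6
    return "".join(out)

def phpass_hash(password, salt, log2_rounds=13):
    """Salted MD5, then 2**log2_rounds further MD5 rounds mixing in the password."""
    pw = password.encode("utf-8")
    digest = hashlib.md5(salt.encode("ascii") + pw).digest()
    for _ in range(1 << log2_rounds):
        digest = hashlib.md5(digest + pw).digest()
    return "$P$" + ITOA64[log2_rounds] + salt + _encode64(digest)

def check_password(password, stored):
    """Recompute with the salt and cost embedded in `stored`, then compare."""
    fields = parse_phpass(stored)
    if fields is None:
        return False  # e.g. a plaintext value written straight into user_pass
    candidate = phpass_hash(password, fields["salt"], fields["log2_rounds"])
    return hmac.compare_digest(candidate.encode(), stored.encode())

if __name__ == "__main__":
    print(parse_phpass("$P$Ba8do3KsWiaThA80UbfHygumoUFu3i1"))  # hash quoted in the post
    elsewhere = phpass_hash("constructed-example-pw", "Zx3.kQ9a")  # constructed values
    print(check_password("constructed-example-pw", elsewhere))  # no site secret involved
    print(check_password("sean", "sean"))  # plaintext in the column fails
```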


5 Comments

  1. Debasis

    Hi Sean,
    How are you, friend? Debasis here. I really love to read your blog and I always come to your blog regularly to see whether you have updated it with any new gems or not. So this time I came across this post. Sean, I need a little help on this. Actually I want to know: I don’t know the changed password of my client and I have added the above code, and instead of
    SET user_pass = “$P$Ba8do3KsWiaThA80UbfHyg

    the hash I put any password; suppose I add your name “sean” instead of the hash. It is reflected in the database, but when I try to log in using the same details it does not permit me to enter the blog. So what to do about this?
    I am a little bit confused, so whenever you come across this comment, please let me know about this.
    Take Care.
    Regards,
    ~Debasis.

  2. Sean

    Hi Debasis… good to hear from you again. Never heard of RSS then? 🙂 I write posts whenever I have anything interesting to say but am in France at the moment so my blogging is a little bit more relaxed.

    I’m not entirely sure what you did. Your hashed password should be a WordPress hash. My recommendation would be to create an account on the site as a normal subscriber (if registration is turned on) and then use a SELECT query to get the password hash for the new user, then set the admin user to the new hash. That way you get around any local differences to the hashing routine. I just created a user on my local WordPress site then used that hash, which worked fine. If you want me to do it for you then email me the info and I shall take a look.

    A bientot!

    thanks
    Sean

  3. Debasis

    Sean!
    Yes, I am aware of RSS feeds. If you remember, a few months back I left a comment on your blog, and since then I got mail from your site whenever you posted anything new, so from that mail it was easier for me to keep track of your blog posts. But I have noticed that I am no longer receiving any mails from your blog when you post new articles. So if you get a chance, please add a Google Feedburner (email subscription box) to your site so that it will be great to keep track of your blog.

    Yes, now I get what the code was for and what the trick behind it is. Thanks a lot for the reply.
    Take Care 🙂

  4. Debasis

    It’s done, Sean. Right now I have logged in to your blog and reset my password, and I have also subscribed to all your categories. This setting was there under the Dashboard, so I have subscribed to all the categories and I hope I will receive all the upcoming posts.
    Take Care
    ~Debasis 🙂

  5. Ese

    What a life saver! Thanks Sean, and please keep up the good work. Cheers.


About this site and Sean Barton

Sean Barton is a Freelance PHP Website Developer in Crewe, Cheshire. He is a Wordpress and CMS/Framework specialist and Co-Founder of Page Builder Cloud.
This site was set up in 2008 as a tutorial and scripting resource for the PHP language and Wordpress.