May 14, 2021
wp_admin_shell_upload
In this tutorial we will see how to upload a reverse shell and gain remote code execution on a Wordpress target. We will be using the wp_admin_shell_upload module of Metasploit to perform this demonstration. For this module to work, it is important to have the username and password of a user with admin privileges on the target box.
Once metasploit is launched, the first thing we have to do is select this module. The show options command shows the different options available for this module.
Next we have to specify the remote host, the username and password by entering set RHOSTS 10.10.10.46, set USERNAME falaraki and set PASSWORD Transclisiation respectively. Once these options have been set, we can execute this module by entering exploit.
If the module is successful in its execution then we can interact with our target using the command line and run whichever command we choose.
You can follow me on Twitter mujtabareads.
- Escalate a Regular Shell to Meterpreter Shell
- Reading Outlook Files in Terminal
- Escalating Privileges with Metasploit's Local Exploit Suggester
- Simple wget PowerShell Script
- PsExec in Linux
- Eternal Blue Exploitation with Metasploit
- Exploit EternalBlue with Custom Exploit - 1
- Exploit EternalBlue with Custom Exploit - 2
- Local Privilege Escalation on Linux Kernel < 4.4.0-116
- Extract Passwords from Firefox Profile
- Escalate Privileges via pip
- Escalate Privileges by Modifying the /etc/passwd File
- wp_admin_shell_upload
- Extract Passwords with LaZagne
- Bruteforce Windows Server SMB Credentials with Medusa
- Brute Force Windows Server SMB Credentials with Hydra
- Brute Force Windows Server SMB Credentials with NCrack
- Brute Force Windows Server SMB Credentials with CrackMapExec
- Brute Force Windows Server SMB Credentials with Metasploit
- Exploit PrintNightmare