Wordpress

WPScan

don't forget to setup URL variable

export URL="<wordpress url"

Initial Scan

wpscan --url $URL --disable-tls-checks --enumerate p --enumerate t --enumerate u

Plugin Enumeration (Aggressive)

wpscan --url $URL --enumerate p --plugins-detection aggressive

note:

  • akismet --> just ignore it

Get a shell from Admin

  • theme = twentyseventeen

  • go to header.php

  • input shell in the php script.

PreviousLFI / Path TraversalNextSMB (445)

Last updated