Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/jsmoreira02/malicious_plugin

Hacking WordPress Plugins - Authenticated Shell Upload, by compromising admin console and upload a malicious plugin with PHP (reverse shell code)
https://github.com/jsmoreira02/malicious_plugin

cybersecurity hacking-tool pwntools python3 reverse-shell web-exploitation wordpress-plugin

Last synced: about 2 months ago
JSON representation

Hacking WordPress Plugins - Authenticated Shell Upload, by compromising admin console and upload a malicious plugin with PHP (reverse shell code)

Awesome Lists containing this project

README 

        





  

  

  

  

  

    

  






# Evil Wordpress Plugin (Malicious)



Malicious, remotely performs an upload of a PHP reverse shell in the form of a plugin on a WordPress site. The exploit is only successful with user credentials, so make sure you know the target username and password and check if the target user has Administrator permissions.



Install by running:



```bash

  git clone https://github.com/Jsmoreira02/Malicious_Plugin.git

```

    

## Attacking the Target Website:



![ezgif com-video-to-gif(1)](https://github.com/Jsmoreira02/Pwn_Wordpress/assets/103542430/532470ab-161f-487d-a59b-f3d0d7366c25)



- **The speed depends on your connection, check the stability of your connection in case there is a slowdown in execution**



```bash 

python3 Malicious.py -t http:// -u  -p  -L  -P 



```



### In case of complications or disconnection issues, you can just manually trigger the connection at the URL link. The script will pass it to you. ###



## 



- ***Good hacking :)***



# Warning:    

> I am not responsible for any illegal use or damage caused by this tool. It was written for fun, not evil and is intended to raise awareness about cybersecurity