espreto/wpsploit espreto/wpsploit

  • Stars
    star
    210
  • Rank 187,585 (Top 4 %)
  • Language
    Ruby
  • License
    MIT License
  • Created over 9 years ago
  • Updated over 6 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
espreto/wpsploit
github

espreto

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

WPSploit - Exploiting Wordpress With Metasploit

WPSploit

WPSploit - Exploiting WordPress With Metasploit.

This repository is designed for creating and/or porting of specific exploits for WordPress using metasploit as exploitation tool.

Currently:

45 modules (15 exploits and 30 auxiliaries)

Usage:

For the use of these modules, you can download them to the directory:

# cd /tmp
# git clone https://github.com/espreto/wpsploit
# mv wpsploit/modules/auxiliary/ ~/.msf4/modules/
# mv wpsploit/modules/exploits/ ~/.msf4/modules/
# msfconsole
or
# cd /path/to/msf
# ./msfconsole

For details, check the official documentation of metasploit talking about "Loading External Modules".
All modules will be created based on WPScan Vulnerability Database - WPVDB.

The public GitHub source repository can be found at:
https://github.com/espreto/wpsploit

Questions and suggestions can be sent to:
robertoespreto[at]gmail.com

Mentioned in a blog post by Rapid7/Metasploit: "WordPress Exploitation Extravaganza".

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

To Do:

Missing some features, but it's a start.

More Repositories

1

simple_findbackdoor

Simple script in bash.
Shell
8
star
2

metasploit_modules

Some modules that I created for fun. :)
Ruby
6
star
3

findbackdoor

(Still does not work right) This script written in Ruby is a porting of the shell script written earlier.
Ruby
1
star