WordPress Exploit Framework v2.0.1 releases

WordPress Exploit Framework is a Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.

Changelog

v2.0.1

Changes

  • Add bypass for admin shell uploads when write permissions are not present on the plugins directory
  • Update dependencies

v2.0

This version is NOT compatible with 1.x. To upgrade to 2.0, remove your previous installation and install the gem by running gem install wpxf.

New Features

  • Loot is now stored into a .wpxf directory inside your home directory
  • A data store (by default sqlite3) is now used to store information gathered by modules
  • Harvested credentials can be viewed using the creds command
  • Gathered loot can be viewed using the loot command
  • Support for workspaces is now available and can be utilized using the workspace command
  • Numerous improvements to the API have been introduced
  • Custom modules can now be added to the .wpxf directory

Using Custom Modules

If you have a custom module you wish to use, you can now place it within the ~/.wpxf/modules/directory and then load it in the CLI using the normal use {exploit_path} syntax.

Installation

sudo apt-get install build-essential patch

sudo apt-get install ruby-dev zlib1g-dev liblzma-dev
git clone https://github.com/rastating/wordpress-exploit-framework.git

 

 

What payloads are available?

  • bind_php: uploads a script that will bind to a specific port and allow WPXF to establish a remote shell.
  • custom: uploads and executes a custom PHP script.
  • download_exec: downloads and runs a remote executable file.
  • meterpreter_bind_tcp: a Meterpreter bind TCP payload generated using msfvenom.
  • meterpreter_reverse_tcp: a Meterpreter reverse TCP payload generated using msfvenom.
  • exec: runs a shell command on the remote server and returns the output to the WPXF session.
  • reverse_tcp: uploads a script that will establish a reverse TCP shell.

All these payloads, with the exception of custom and the Meterpreter payloads, will delete themselves after they have been executed, to avoid leaving them lying around on the target machine after use or in the event that they are being used to establish a shell which fails.

Usage

ruby wpxf.rb

 

Tutorial

Copyright (C) 2015-2018 rastating

Source: https://github.com/rastating/