all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How to get a Reverse Shell from any Wordpress ?

Add to bookmarks

Web: https://systemweakness.com/how-to-get-a-reverse-shell-from-any-wordpress-d12e2f7a3033?source=rss----f20a9840e177---4

March 15, 2023, 12:52 p.m. | Mr Jokar

System Weakness - Medium systemweakness.com

How to get a Reverse Shell from any Wordpress ?

The scenario : We are pentesting a wordpress site & eventually got admin credentials. After logging in, we get an admin dashboard from where we can edit themes or plugins.

From this situation, a proper reverse shell can be gained leveraging what we already have. Let’s talk about this.

STEP 1

First go to Appearance > Editor > 404 Template from the admin dashboard left hand corner.

You will see …

cyber-sec reverse reverse shell shell vulnerability wordpress wordpress-theme-download

Visit resource

More from systemweakness.com / System Weakness - Medium

Column-Level SecurityData Masking in Databricks 1 day, 23 hours ago | systemweakness.com
column databricks data-masking masking +3
Basic Pentesting 02 Walkthrough 1 day, 23 hours ago | systemweakness.com
basic hacking misconfiguration offensive security +3
Code Execution with “apt update” in crontab | PrivEsc in Linux 1 day, 23 hours ago | systemweakness.com
apt apt-pre-invoke-script code code execution +6
CrackMapexec | SMB & AD Enumeration Simplified ! 1 day, 23 hours ago | systemweakness.com
active directory cme crackmapexec cybersecurity +3
“Inception” WriteUp | HackThebox | Proxychain and Chisel to Pivot 1 day, 23 hours ago | systemweakness.com
apt chisel cybersecurity hackthebox +3
ChatGPT Linux Privilege Escalation 1 day, 23 hours ago | systemweakness.com
chatgpt cybersecurity escalation hacking +3
AS-REP Roasting is Scary Easy ! | Active Directory Compromise 1 day, 23 hours ago | systemweakness.com
active directory authentication compromise cybersecurity +4
Open Redirect Vulnerability: A Potential Threat to User Security 1 day, 23 hours ago | systemweakness.com
bug bounty cybersecurity open redirect programming +5
When Your Fridge Freezes Your Website: Understanding the Chaos of DDoS Attacks 4 days, 1 hour ago | systemweakness.com
attacks chaos cybersecurity ddos +5

Latest InfoSec / Cybersecurity Jobs

View more jobs Post a job on infosec-jobs.com

Product Security Architect / Red Team PenTester for AUTOSAR (m/w/d)

@ Bosch Group | Stuttgart, Germany
View on infosec-jobs.com

Cloud Security Engineer - 100% US REMOTE

@ Experian | Allen, TX, United States
View on infosec-jobs.com

System Security Analyst

@ Ashburn Consulting | Baltimore, MD, United States
View on infosec-jobs.com

Senior Advisor, Cyber

@ NielsenIQ | Chicago, IL, United States
View on infosec-jobs.com

Junior Application Security Engineer

@ Netcompany-Intrasoft | Athens, Greece
View on infosec-jobs.com

IT and process Control Security Architect

@ Statkraft | Oslo, Norway
View on infosec-jobs.com

Data Scientist, Sr. Consultant - Cybersecurity AI Research & Products

@ Visa | Ashburn, VA, United States
View on infosec-jobs.com

Senior Platform Security Engineer

@ Block | Melbourne, Australia
View on infosec-jobs.com

Snr Security Engineer (cloud)

@ Verisk | Málaga, Spain
View on infosec-jobs.com

Cybersecurity Analyst

@ Visa | Bengaluru, India
View on infosec-jobs.com

Information Security Engineer

@ ServiceNow | Orlando, FL, United States
View on infosec-jobs.com

Director of Cloud Security - 100% US REMOTE

@ Experian | Allen, TX, United States
View on infosec-jobs.com