Skip to content

espreto/wpsploit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

129 Commits

documentation

documentation

 
 

modules

modules

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

WPSploit

WPSploit - Exploiting WordPress With Metasploit.

This repository is designed for creating and/or porting of specific exploits for WordPress using metasploit as exploitation tool.

Currently:

45 modules (15 exploits and 30 auxiliaries)

Usage:

For the use of these modules, you can download them to the directory:

# cd /tmp
# git clone https://github.com/espreto/wpsploit
# mv wpsploit/modules/auxiliary/ ~/.msf4/modules/
# mv wpsploit/modules/exploits/ ~/.msf4/modules/
# msfconsole
or
# cd /path/to/msf
# ./msfconsole

For details, check the official documentation of metasploit talking about "Loading External Modules".
All modules will be created based on WPScan Vulnerability Database - WPVDB.

The public GitHub source repository can be found at:
https://github.com/espreto/wpsploit

Questions and suggestions can be sent to:
robertoespreto[at]gmail.com

Mentioned in a blog post by Rapid7/Metasploit: "WordPress Exploitation Extravaganza".

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

To Do:

Missing some features, but it's a start.

About

WPSploit - Exploiting Wordpress With Metasploit

Resources

Readme

License

MIT license
Activity

Stars

212 stars

Watchers

25 watching

Forks

69 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages