[addtool] Malicious #1496
Labels
Comments
|
Issue correctly handled, tool is waiting for human validation. |
|
Tool has been refused by the team, feel free to get in touch if you have any question. Thank you! |
gwen001
added
wontfix
gwen001
added
enhancement
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
[link]homepage of the tool: https://github.com/Jsmoreira02/_Malicious (required)[/link]
[tags]list of tags separated by comma: wordpress,automation,shell,cms (required)[/tags]
[short_descr]Hacking WordPress Plugins - Authenticated Shell Upload, compromising the admin console and uploading a malicious plugin with PHP reverse shellcode (required)[/short_descr]
[long_descr]Malicious, remotely performs an upload of a PHP reverse shell on a WordPress site. The tool uses the provided credentials of an administrator or user with elevated privileges to automatically create a plugin with reverse shellcode, that gives the attacker access to the target machine. All the pentester has to do is wait for the connection, as the tool takes care of all the steps in the process: creating the plugin, logging into the user's account, uploading the malicious plugin, and triggering the connection.[/long_descr]
[image] https://github-production-user-asset-6210df.s3.amazonaws.com/103542430/240816059-7c6e38fe-7fda-4f97-9da1-b1a619f975d2.png (required)[/image]
The text was updated successfully, but these errors were encountered: