[addtool] Malicious #1496
Description
[link]homepage of the tool: https://github.com/Jsmoreira02/_Malicious (required)[/link]
[tags]list of tags separated by comma: wordpress,automation,shell,cms (required)[/tags]
[short_descr]Hacking WordPress Plugins - Authenticated Shell Upload, compromising the admin console and uploading a malicious plugin with PHP reverse shellcode (required)[/short_descr]
[long_descr]Malicious, remotely performs an upload of a PHP reverse shell on a WordPress site. The tool uses the provided credentials of an administrator or user with elevated privileges to automatically create a plugin with reverse shellcode, that gives the attacker access to the target machine. All the pentester has to do is wait for the connection, as the tool takes care of all the steps in the process: creating the plugin, logging into the user's account, uploading the malicious plugin, and triggering the connection.[/long_descr]
[image] https://github-production-user-asset-6210df.s3.amazonaws.com/103542430/240816059-7c6e38fe-7fda-4f97-9da1-b1a619f975d2.png (required)[/image]
