Home

Awesome

WPSploit

WPSploit - Exploiting WordPress With Metasploit.

This repository is designed for creating and/or porting of specific exploits for WordPress using metasploit as exploitation tool.

Currently:</br>

45 modules (15 exploits and 30 auxiliaries)

Usage:</br>

For the use of these modules, you can download them to the directory:

# cd /tmp
# git clone https://github.com/espreto/wpsploit
# mv wpsploit/modules/auxiliary/ ~/.msf4/modules/
# mv wpsploit/modules/exploits/ ~/.msf4/modules/
# msfconsole
or
# cd /path/to/msf
# ./msfconsole

For details, check the official documentation of metasploit talking about "Loading External Modules".</br> All modules will be created based on WPScan Vulnerability Database - WPVDB.</br></br>

The public GitHub source repository can be found at:</br> https://github.com/espreto/wpsploit</br></br>

Questions and suggestions can be sent to:</br> robertoespreto[at]gmail.com</br></br>

Mentioned in a blog post by Rapid7/Metasploit: "WordPress Exploitation Extravaganza".

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

To Do:

Missing some features, but it's a start.