|
4 | 4 | A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. |
5 | 5 |
|
6 | 6 | ### What do I need to run it? |
7 | | -Ensure that you have Ruby >= 2.4.2 installed on your system and then install all required dependencies by opening a command prompt / terminal in the WPXF folder and running ```bundle install```. |
| 7 | +Ensure that you have Ruby >= 2.4.3 installed on your system and then install all required dependencies by opening a command prompt / terminal in the WPXF folder and running ```bundle install```. |
8 | 8 |
|
9 | 9 | If bundler is not present on your system, you can install it by running ```gem install bundler```. |
10 | 10 |
|
@@ -37,27 +37,27 @@ Loading a module into your environment will allow you to set options with the `` |
37 | 37 | Below is an example of how one would load the symposium_shell_upload exploit module, set the module and payload options and run the exploit against the target. |
38 | 38 |
|
39 | 39 | ``` |
40 | | -wpxf > use exploit/symposium_shell_upload |
| 40 | +wpxf > use exploit/shell/symposium_shell_upload |
41 | 41 |
|
42 | 42 | [+] Loaded module: #<Wpxf::Exploit::SymposiumShellUpload:0x3916f20> |
43 | 43 |
|
44 | | -wpxf [exploit/symposium_shell_upload] > set host wp-sandbox |
| 44 | +wpxf [exploit/shell/symposium_shell_upload] > set host wp-sandbox |
45 | 45 |
|
46 | 46 | [+] Set host => wp-sandbox |
47 | 47 |
|
48 | | -wpxf [exploit/symposium_shell_upload] > set target_uri /wordpress/ |
| 48 | +wpxf [exploit/shell/symposium_shell_upload] > set target_uri /wordpress/ |
49 | 49 |
|
50 | 50 | [+] Set target_uri => /wordpress/ |
51 | 51 |
|
52 | | -wpxf [exploit/symposium_shell_upload] > set payload exec |
| 52 | +wpxf [exploit/shell/symposium_shell_upload] > set payload exec |
53 | 53 |
|
54 | 54 | [+] Loaded payload: #<Wpxf::Payloads::Exec:0x434d078> |
55 | 55 |
|
56 | | -wpxf [exploit/symposium_shell_upload] > set cmd echo "Hello, world!" |
| 56 | +wpxf [exploit/shell/symposium_shell_upload] > set cmd echo "Hello, world!" |
57 | 57 |
|
58 | 58 | [+] Set cmd => echo "Hello, world!" |
59 | 59 |
|
60 | | -wpxf [exploit/symposium_shell_upload] > run |
| 60 | +wpxf [exploit/shell/symposium_shell_upload] > run |
61 | 61 |
|
62 | 62 | [-] Preparing payload... |
63 | 63 | [-] Uploading the payload... |
@@ -87,7 +87,7 @@ All these payloads, with the exception of ```custom``` and the Meterpreter paylo |
87 | 87 | Guides on writing modules and payloads can be found on [The Wiki](https://github.com/rastating/wordpress-exploit-framework/wiki) and full documentation of the API can be found at http://www.getwpxf.com/. |
88 | 88 |
|
89 | 89 | ## License |
90 | | -Copyright (C) 2015 rastating |
| 90 | +Copyright (C) 2015-2018 rastating |
91 | 91 |
|
92 | 92 | Running WordPress Exploit Framework against websites without prior mutual consent may be illegal in your country. The author and parties involved in its development accept no liability and are not responsible for any misuse or damage caused by WordPress Exploit Framework. |
93 | 93 |
|
|
0 commit comments