O'Reilly logo

Kali Linux Cookbook - Second Edition by Bob Perciaccante, Corey P. Schultz

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

How to do it...

To gain access to the remote WordPress installation, we will do the following:

  1. Based on the previous use of WPScan, we see that there is a SQL injection vulnerability in the Spreadsheet plugin. Unfortunately, in our WPScan, we were unable to enumerate users, so we will use this vulnerability to get the admin user information for this installation.
  2. From a command line, we will use the searchsploit tool to locate ways to exploit this vulnerability:
root@kali:~/Chapter9# searchsploit WordPress Plugin Spreadsheet 0.6 - SQL Injection
  1. This will present us with information, indicating that exploit information is available in the file /usr/share/exploitdb/platforms/php/webapps/5486.txt. When we open this file, it contains an example ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required