adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

module doc standardizations

Browse Source
This commit is contained in:
h00die
2020-01-20 21:41:32 -05:00
parent ca59b06fd3
commit bc312420ca
4 changed files with 6 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
documentation/modules/exploit/multi/php/wp_duplicator_code_inject.md
+2 -2
View File
@@ -1,3 +1,5 @@
## Vulnerable Application
Duplicator by Snap Creek is a WordPress plugin that can be used to create a complete backup of a WordPress instance and restore it on a fresh server. The export method generates 2 files:
* An ZIP archive with the complete WordPress files and Duplicator specific files:
* A copy of the `installer.php` script: `installer-backup.php`
@@ -14,8 +16,6 @@ When the `installer.php` completes its process, the following files remain in th
WARNING: exploiting the vulnerability will overwrite the wp-config.php file, breaking the WordPress instance.
## Vulnerable application
Install a vulnerable version of [WordPress Duplicator (<= 1.2.40)](https://downloads.wordpress.org/plugin/duplicator.1.2.40.zip) and create a backup.
Put the `install.php` and archive files on a clean web server.