Support us on Patreon:
This video will teach you how to create a simple webshell which will allow you to run commands on the web server via a simple HTTP query.

This requires that you already have admin access, which you could have acquired through another exploit.

To make this webshell we simply edit the websites main template to include a new function, the new function will take any text we send it and run it via shell exec. This will work on any WordPress version.

Discussion:

This video is made by Ismael Vasquez Jr.

Website –
Learning course –
Video teaching –
Github –
LinkedIn –

GH:
Donate on our Forum :
Support us on Patreon :

Follow us on Video teaching :
Follow us on Learning course :
Follow us on Twitch :
Follow us on Reddit :
Follow us on GitHub :
Follow us on Video tutorial :

A web shell is a web security threat, which is a web-based implementation of the shell concept. A web shell is able to be uploaded to a web server to allow remote access to the web server, such as the web server’s file system. A web shell is unique in that it enables users to access a web server by way of a web browser that acts like a command-line interface.

A user can access a the shell using a web browser on any type of system, whether it’s a desktop computer or a mobile phone with a web browser, and perform tasks on the remote system. No command-line environment is required on either the host or the client. A web shell is often considered a remote access trojan.

A web shell could be programmed in any language that the target server supports. Web shells are most commonly written in PHP due to the widespread use of PHP, however, Active Server Pages, ASP.NET, Python, Perl, Ruby and Unix shell scripts are also used, although not as common because it is not very common for web servers to support these languages.

An attacker can use a web shell to issue commands, perform privilege escalation on the web server, and the ability to upload, delete, download and run files on the web server.

An attacker can find vulnerabilities which are exploited resulting in a web shell installation. These vulnerabilities may be present in content management system applications or the web server’s software.
#Simple #Wordpress #Web #Shell #Tutorial

Leave a Comment

Your email address will not be published. Required fields are marked *