Posted on 3 Comments

Using WordPress Ajax LoadMore Upload exploit to hack remote PC

Good Evening Friends. In our previous howto, we have seen how to use Joomla com_contenthistory Error-Based SQL Injection exploit. Today we will see how to exploit the WordPress Ajax Loadmore PHP upload vulnerability using Metasploit. This module exploits an arbitrary file upload in the WordPress Ajax Load More plugin version 2.8.1.1. I have tested this exploit on the above said plugin in WordPress version 4.1.3 on Windows.  The only offside is this exploit requires credentials. Start Metasploit and load the exploit as shown below.

Set payload as below.

Type command “show options” to see the required options for this exploit.

Set the required options as shown below. Set the remote IP address, targeturi, password and username as shown below.

After setting all the options, check whether once again as shown below.

Type command “exploit” and we will get the meterpreter session as shown below.

3 thoughts on “Using WordPress Ajax LoadMore Upload exploit to hack remote PC

  1. […] on another popular CMS WordPress. This howto is a pre-prequel to one of my articles on how to hack wordpress right here. This howto will have two other sequels and watch out for some easter eggs in this howto. ( Mind my […]

  2. […] are unauthenticated, sometimes we require credentials to exploit a vulnerability like the WordPress ajax loadmore Php upload exploit we saw in one of  previous howtos. But how do we get these credentials. Metasploit has an auxiliary […]

  3. […] are unauthenticated, sometimes we require credentials to exploit a vulnerability like the WordPress ajax loadmore Php upload exploit we saw in one of  previous howtos. But how do we get these credentials. Metasploit has an auxiliary […]

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.