Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
beefproject
GitHub Repository: beefproject/beef
 Path: blob/master/modules/misc/wordpress_post_auth_rce/config.yaml
1154 views
1
#

2
# Copyright (c) 2006-2025 Wade Alcorn - [email protected]

3
# Browser Exploitation Framework (BeEF) - https://beefproject.com

4
# See the file 'doc/COPYING' for copying permission

5
#

6
beef:

7
    module:

8
        wordpress_post_auth_rce:

9
            enable: true

10
            category: "Misc"

11
            name: "Wordpress Post-Auth RCE"

12
            description: "This module attempts to upload and activate a malicious wordpress plugin.  Afterwards, the URI to trigger it is: http://vulnerable-wordpress.site/wordpress/wp-content/plugins/beefbind/beefbind.php.  The command to execute can be send by a POST-parameter named 'cmd'.  CORS headers have been added to allow bidirectional crossorigin communication."

13
            authors: ["Bart Leppens"]

14
            target:

15
                working: ["ALL"]

16


17