Hacking Wordpress Academy - Remote Code Execution (RCE) via the Theme Editor

mariogiu69 · December 27, 2021, 11:54am

I’ve been trying to figure this one out for 2 days now:

“Use the credentials for the admin user [admin:sunshine1] and upload a webshell to your target. Once you have access to the target, obtain the contents of the “flag.txt” file in the home directory for the “wp-user” directory.”

I’m stuck on the syntax using curl to grab the contents of the “/home/htb-###/flag.txt” file. Some help would be grateful!!!

0xh4rtz · January 19, 2022, 3:06pm

Can you show the syntax that you usted to get the flag? To know what and why you’re stuck. If you’re doing something wrong.

For the last, do you upload the right payload in the “404.php” on theme editor?

Feel free to DM me.

Topic		Replies	Views
Remote Code Execution (RCE) via the Theme Editor [Academy] Other wordpress , rce , htb-academy	7	2922	January 19, 2023
Hacking WordPress (cannot open flag.txt) Academy	5	1918	November 20, 2024
ATTACKING COMMON APPLICATIONS \| Attacking WordPress Academy wordpress	12	2928	December 1, 2024
Stuck @ Academy > HACKING WORDPRESS> Skills Assessment - WordPress Off-topic help-me , wordpress , academy , skills-assessment	11	3875	December 11, 2024
Skills Assessment WordPress - Help on last question Academy wordpress , htb-academy , academy-help	8	1491	July 2, 2024

Hacking Wordpress Academy - Remote Code Execution (RCE) via the Theme Editor

Related topics