Metasploit - HackMD

--- title: Metasploit --- #### Metasploit: msf6 >help msf6 > search name:wordpress ```console msf6 > search name:wordpress ``` ![](https://i.imgur.com/eqimiKo.png) ```console msf6 > use auxiliary/scanner/http/wordpress_scanner ``` ```console msf6 auxiliary(scanner/http/wordpress_scanner) > info ``` ![](https://i.imgur.com/7gNxzLh.png) ```console msf6 auxiliary(scanner/http/wordpress_scanner) > targeturi /wp-admin/ ``` - My uri is wp-admin, set according to your uri. - http://127.0.0.1:8080/wp-admin/ ```console msf6 auxiliary(scanner/http/wordpress_scanner) > show options ``` ![](https://i.imgur.com/8JxHITZ.png) ```console msf6 auxiliary(scanner/http/wordpress_scanner) > set rhosts 127.0.0.1 rhosts => 127.0.0.1 ``` ```console msf6 auxiliary(scanner/http/wordpress_scanner) > show options ``` ![](https://i.imgur.com/GcBDqru.png) ```console msf6 auxiliary(scanner/http/wordpress_scanner) > back ``` ``` msf6 > use auxiliary/scanner/http/wordpress_content_injection ``` ``` msf6 auxiliary(scanner/http/wordpress_content_injection) > info ``` set targeturi 127.0.0.1 set targeturi /wp-admin/