https://hussienmisbah.github.io/tags/wordpress/ Recent content in Wordpress on 0xMesbaha Hugo en Sat, 23 Apr 2022 00:51:12 +0200 https://hussienmisbah.github.io/posts/linux-machines/2022-01-21-backdoor/ Sat, 23 Apr 2022 00:51:12 +0200 https://hussienmisbah.github.io/posts/linux-machines/2022-01-21-backdoor/ <p>In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /proc/[pid] found a vulnerable gdb server running , exploiting it will gain low privilege shell , then abusing the screen binary to get the root access.</p>