Wordpress Plugin

‘Lazysysadmin’ is another of the targets as recommended by the excellent TJnull, in preparation for the OSCP. Lazysysadmin is considered an ‘easy’ machine. Just for fun, we’ll take a look at a number of different exploitation routes as well as take a look at some post-exploitation activities (specifically data exfiltration or exfil). Exfil would obviously be of interest to a Red Team operator who is more more ‘goal driven’ and not so fixated on gaining root.

Webshells are a really useful stepping stone on the path to a proper reverse shell. The idea is that they use popular scripting based approaches such as PHP to accept some parameters in a GET request. That data then gets executed as a system level command - i.e. against the underlying operating system used by the web site. The types of activity you can perform are dependent on the privileges associated with the account running the web server.