From Wordpress admin to pty automatically!

These details have not been verified by PyPI

Project links

Project description

Test suite status Version v2.7 GPL-2.0 license

Omega - From Wordpress admin to pty

The Linux tool to automate the process of getting a pty once you got admin credentials in a Wordpress site. Works in Linux, Windows and MacOS hosts!

The shell code used for Windows hosts is a modified version of the PHP reverse shell by ivan-sincek, credits to the author.

Omega getting a pty to a Wordpress host

How does it work?

First, Omega gets an admin session in the Wordpress site and using web scrapping, it extracts the current template used by Wordpress. After that, it will use the template editor to inject a payload with a simple web shell and a base64 PHP code evaluation function.

Once everything is set up, Omega will spin up a listener, execute a reverse shell using the payload injected and wait for the shell to connect back. Before giving the control to the user, Omega will try to stabilize the shell and get a pty (Only for Linux and MacOS hosts).

If stabilization is not possible using the methods Omega has, a non tty shell will be provided that can be stabilized without problems using any method you want.

Installation

Just execute pip3 install omega-wp and enjoy! You can use a virtual env or intall it system wide.

Usage

If you have all the requirements you can start playing with Omega!

Omega - From Wordpress admin to pty

usage: omega [-h] [-v] [--no-pty] -u WP_URL -l USERNAME -p PASSWORD -H LHOST [-P LPORT]

Provides a reverse shell (stabilized if possible) to a Wordpress host. You need admin credentials!

optional arguments:
  -h, --help            show this help message and exit
  -v, --version         show program's version number and exit
  --no-pty              if this flag is set, no shell stabilization is perform
  -u WP_URL, --wp-url WP_URL
                        the target Wordpress url
  -l USERNAME, --username USERNAME
                        Wordpress admin user to use for login
  -p PASSWORD, --password PASSWORD
                        Wordpress admin password to use for login
  -H LHOST, --lhost LHOST
                        the ip where the reverse shell should connect to
  -P LPORT, --lport LPORT
                        the port used to listen for the reverse shell (Default: 8080)

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

This version

2.7

Mar 10, 2024

2.6.post1

May 3, 2023

2.6

Jan 3, 2022

2.5.post4

Aug 7, 2021

2.5.post3

Aug 3, 2021

2.5.post2

Aug 2, 2021

2.5.post1

Aug 1, 2021

2.5

Aug 1, 2021

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

omega_wp-2.7.tar.gz (23.7 kB view details)

Uploaded Mar 10, 2024 Source

Built Distribution

omega_wp-2.7-py3-none-any.whl (26.5 kB view details)

Uploaded Mar 10, 2024 Python 3

File details

Details for the file omega_wp-2.7.tar.gz.

File metadata

Download URL: omega_wp-2.7.tar.gz
Upload date: Mar 10, 2024
Size: 23.7 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.0.0 CPython/3.8.18

File hashes

Hashes for omega_wp-2.7.tar.gz
Algorithm	Hash digest
SHA256	`e56fcd03ee73686b99b4b2ec176bdd990b42f7abf71a224e5b58ef94be0dc8e3`
MD5	`59342d58f303ab4266bd2340d3475bcb`
BLAKE2b-256	`22ddf82c731fe3bb2e7e84d4bf2ae8d02261e07de312cf9737c00823c43e88b1`

See more details on using hashes here.

File details

Details for the file omega_wp-2.7-py3-none-any.whl.

File metadata

Download URL: omega_wp-2.7-py3-none-any.whl
Upload date: Mar 10, 2024
Size: 26.5 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.0.0 CPython/3.8.18

File hashes

Hashes for omega_wp-2.7-py3-none-any.whl
Algorithm	Hash digest
SHA256	`e7e5b31d602f81cf48884af3a6f93c4454080434393eb4e2a07e5e7945081654`
MD5	`d360733971f35e006c0c0004a20fcb14`
BLAKE2b-256	`fdf9df801f37b15f12476e134345a66de36eb532f3394c41acacbc35204b634d`