Tsumugi 404.php

Authenticated exploit

Once in dashboard : [1]go to → appearance → themes → theme editor Will automatically select the first one, called tsumugi (the other ones should work as well) [2]scroll down to 404 template [3] From kali craft a php-reverse-shell [4]copy and paste in the Theme editor, save and exit [5]set up listener on kali (nc -nvlp 1234) [6]Trigger navigating to http://10.10.10.10/404.php (important!)