I searched around and saw a lot of very specific questions about the SHIELD machine in Starting Point, but my question is a bit more general. I'm less interested in learning how to use MSF inside and out than I am in knowing exactly what's going on with the machines I'm hacking, the underlying theory, why what I'm doing is working so I can get better.
The Rapid7 page on wp_admin_shell_upload says that the module is generating a WP plugin that is then uploaded to pop the shell. Okay. Maybe I don't always have easy access to MSF, or maybe I'm more interested in the "why" than the result. It's also not clear which CVE this module exploits, exactly, from the given documentation. Wordpress has had a LOT of vulnerabilities, it turns out lol. Even in 2015 alone.
The source code for the module isn't super helpful, as it's very msfconsole-specific. Could someone with the know-how please walk me through a manual way of exploiting this? Alternatively, which CVE should I be looking at if I want to do some research on my own?
General internet searches have led me to a lot of videos and such of people using wpscan to brute force the credentials, but here, I already have the credentials. Lot of resources just walking you through how to use a particular msf module ("look at the options, here's what "rhosts" is, yada yada) and again, not really what I'm looking for here.
Is it as simple as uploading (and then finding and running) some standard malicious php reverse shell script, or does it have to be a WP plugin specifically? Or some other special method I don't know about?