logobossfact

I am running the Mr.Robot CTF and when I try to use the wp_admin_shell_upload.rb
the module says that the site is not running wp.

PS. the ctf is running on a VMware

Steps to reproduce

use metasploit-framework/modules/exploits/unix/webapp/wp_admin_shell_upload.rb
set requested data (see below)

Expected behavior

What should happen?
create a shell

Current behavior

What happens instead?
it says the target is not using wp
You might also want to check the last ~1k lines of
/opt/metasploit/apps/pro/engine/config/logs/framework.log or
~/.msf4/logs/framework.log for relevant stack traces

System stuff

Metasploit version

msf exploit(unix/webapp/wp_admin_shell_upload) > version
Framework: 4.17.18-dev
Console : 4.17.18-dev

I installed Metasploit with:

• Kali package via apt

OS

What OS are you running Metasploit on?

KALI BABY WOOOOO

Linux kali 4.18.0-kali1-amd64 #1 SMP Debian 4.18.6-1kali1 (2018-09-10) x86_64 GNU/Linux

You can disable the WordPress check with: set WPCHECK false

Your TARGETURI of wp-login.php is incorrect. It should be / or other. The filename is added by the API.

And please don't post spoilers.