I have brute forced wordpress site, what to do now?

[Day_dreamer]

although I'm logged as admin but not as super admin so my privileges a very limited to:
1>comments regulation
2>upload pages
3>upload gallery

I cannot install any plugins for sure

Question: is there anyway I can install a php shell?
                 is there a way to extract admin password hash with these privileges?
                 
I have checked its vulnerable plugins, themes ,TT but to no avail =(
Do you guys have any suggestions please?

[white-knight]

Have you tried WPscan to get creds ?

When u get admin creds you can go into themes and change the header code to get a shell ..

[hcac]

One can hardly ever do an xss, but check if you can do one through posts or gallery (differes based on version, mostly you can't upload .html files).
You didn't say anything about themes, do you have any perm? I guess the only way to directly put a php is the theme (-plugins).

[Day_dreamer]

Have you tried WPscan to get creds ?

When u get admin creds you can go into themes and change the header code to get a shell ..

Yup tried WPscan and later used CMSmap to but plugins as well as themes are not exploitable, that is where I  decided to use a wordlist attack. Unfortunately the only account that was cracked isn't the super admin, thus I can't have access to either themes of plugins.

I guess I'll just keep on trying to brute force the super admin's password, untill a fresh exploit are published soon. 

[Day_dreamer]

One can hardly ever do an xss, but check if you can do one through posts or gallery (differes based on version, mostly you can't upload .html files).
You didn't say anything about themes, do you have any perm? I guess the only way to directly put a php is the theme (-plugins).

Sorry I'm not familiar, what do you mean by "perm"?

[.goethe]

Sorry I'm not familiar, what do you mean by "perm"?

he means permission.

[Day_dreamer]

he means permission.

ok tnx