Wordpress ALERT!

Discussion in 'WordPress' started by tech86, May 25, 2006.

  1. #1
    There is a new vulnerability in Wordpress.

    http://milw0rm.com/exploits/6

    There is no official fix as far as I know, so for now I recommend turning of user registration.
     
    tech86, May 25, 2006 IP
  2. jackburton2006

    jackburton2006 Peon

    Messages:
    5,296
    Likes Received:
    282
    Best Answers:
    0
    Trophy Points:
    0
    #2
    What exactly does this vulnerability do? Can you just spell it out for us?
     
    jackburton2006, May 25, 2006 IP
  3. Dekker

    Dekker Peon

    Messages:
    4,185
    Likes Received:
    287
    Best Answers:
    0
    Trophy Points:
    0
    #3
    that does not look like fun..
     
    Dekker, May 25, 2006 IP
  4. Catnabbit

    Catnabbit Peon

    Messages:
    91
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #4
    edit. i read more about it, it looks like they use a backdoor to guess your mysql password through a dictionary attack and then execute shell commands on your server. i guess they could delete your site or do nasty things to it or maybe attack other people.. who knows what these crazy people will do next.
     
    Catnabbit, May 25, 2006 IP
  5. Emperor

    Emperor Guest

    Messages:
    4,821
    Likes Received:
    180
    Best Answers:
    0
    Trophy Points:
    0
    #5
    It only seems to be for blogs that have user registration enabled. :D
     
    Emperor, May 26, 2006 IP
  6. mavahntooth

    mavahntooth Well-Known Member

    Messages:
    1,064
    Likes Received:
    12
    Best Answers:
    0
    Trophy Points:
    128
    #6
    you can delete everything if you guess the username and pass? thats not new?
     
    mavahntooth, May 26, 2006 IP
  7. jackburton2006

    jackburton2006 Peon

    Messages:
    5,296
    Likes Received:
    282
    Best Answers:
    0
    Trophy Points:
    0
    #7
    Malicious nerd virgins. God, I hate them.
     
    jackburton2006, May 26, 2006 IP
  8. tech86

    tech86 Peon

    Messages:
    83
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #8
    Well simply put what this does is,

    It uses a registered user to inject a shell into your server. This shell allows well complete access to your server almost eqivalent to ssh access. However if this fails for some reasons such as Php Safe Mode being enabled, it goes ahead and attempts another exploit which allows it to bruteforce the mysql password.

    Most people will wonder what the big deal with guessing the password is. Well on almost all hosting servers mysql only allows access from localhost. So even if you have the password in front of you, you can't do anything with it. This exploit lets you find the mysql password by running a script on the server and then further uses that password to get admin username and password.

    And yes, only blogs with user registration enabled are vulnerable, so I recommend turning it off till an official patch is released.
     
    tech86, May 26, 2006 IP
  9. Gareth_Boyd

    Gareth_Boyd Well-Known Member

    Messages:
    1,423
    Likes Received:
    38
    Best Answers:
    0
    Trophy Points:
    140
    #9
    I am having problems it says i cannot post anything.
     
    Gareth_Boyd, May 26, 2006 IP
  10. tech86

    tech86 Peon

    Messages:
    83
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #10
    What are you having problems with Boydy? Post where? What did you do prior to the problems?
     
    tech86, May 26, 2006 IP
  11. Gareth_Boyd

    Gareth_Boyd Well-Known Member

    Messages:
    1,423
    Likes Received:
    38
    Best Answers:
    0
    Trophy Points:
    140
    #11
    It says this "Sorry, you need to enable sending referrers for this feature to work." do you know whats wrong with it tech86?
     
    Gareth_Boyd, May 26, 2006 IP
  12. Catnabbit

    Catnabbit Peon

    Messages:
    91
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #12
    I don't mean they could just delete your blog - they could delete your entire site or do anything that a person with shell access could do. Which for a lot of people is a lot more than just their blog.
     
    Catnabbit, May 26, 2006 IP
  13. Dekker

    Dekker Peon

    Messages:
    4,185
    Likes Received:
    287
    Best Answers:
    0
    Trophy Points:
    0
    #13
    especially if you're on shared hosting, no?
     
    Dekker, May 26, 2006 IP
  14. Catnabbit

    Catnabbit Peon

    Messages:
    91
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #14
    Depends on the access level the exploit can give you, but yeah if youre on shared hosting it could potentially be very very bad.
     
    Catnabbit, May 26, 2006 IP
  15. iatbm

    iatbm Prominent Member

    Messages:
    5,151
    Likes Received:
    352
    Best Answers:
    0
    Trophy Points:
    360
    #15
    I knew wordpress is bad hehe ..... dirty one there ... consider using something else ... I expect a lot more security flaws
     
    iatbm, May 26, 2006 IP
  16. moq

    moq Guest

    Messages:
    352
    Likes Received:
    10
    Best Answers:
    0
    Trophy Points:
    0
    #16

    I also agree to what mavahntooth is sayn!
     
    moq, May 26, 2006 IP
    jaree likes this.
  17. Dekker

    Dekker Peon

    Messages:
    4,185
    Likes Received:
    287
    Best Answers:
    0
    Trophy Points:
    0
    #17
    Don't ever get a server then moq :p
     
    Dekker, May 26, 2006 IP
  18. DomainMagnate

    DomainMagnate Illustrious Member

    Messages:
    10,932
    Likes Received:
    1,022
    Best Answers:
    0
    Trophy Points:
    455
    #18
    that actually looks like some real fun :D :D
     
    DomainMagnate, May 26, 2006 IP
  19. DomainMagnate

    DomainMagnate Illustrious Member

    Messages:
    10,932
    Likes Received:
    1,022
    Best Answers:
    0
    Trophy Points:
    455
    #19
    if anyone tried this tell us your results..
     
    DomainMagnate, May 26, 2006 IP
  20. mdvaldosta

    mdvaldosta Peon

    Messages:
    4,079
    Likes Received:
    362
    Best Answers:
    0
    Trophy Points:
    0
    #20
    Why post that shit on the forums and give it more exposure? Why not just say it's out there rather than to post a god damn script for kiddies to use? Don't get me wrong, I really appreciate the heads up... but posting a link on how to execute the hack is reckless and will only make it worse.

    On that note, unless you have a simple to guess password (a dictionary word - which unless your stuck in the 90's you know not to use) then your probably safe even if you allow user registration.

    Changing your password to be long and have numbers, letters, and especially odd characters would make it pretty much impossible to crack your server this way.
     
    mdvaldosta, May 26, 2006 IP
    DomainMagnate likes this.