[wp-hackers] Security Vulnerability found - Forum Post

denis at semiologic.com denis at semiologic.com
Wed Apr 13 18:17:07 GMT 2005


Quoting Jeff Minard <jeff at jrm.cc>:

> John Sinteur wrote:
> (...) I don't think this comes close to anything critical.

Er... Were I a hacker taking advantage of said exploit, I would definitly not
deface the blog. Rather, I would:

- fetch config.php through the file editor, to get the db server name, db name,
user name, and password
- try using the info to log into the ftp; else try using the built-in file
editor to create files; on success, set up a porn site, warez site, casino
spam, link farm, spam server, you name it; the user will not notice unless he
can access his raw stats (many users use an image or js based service that only
tracks users on pages you built)
- log into mysql and create table my_junk; store warez, mp3s and porn as
necessary; the user will never notice unless he knows how to access his db
- last but not least, assume there is a telnet access on the account for some
reason...

D.

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.


More information about the wp-hackers mailing list