[wp-hackers] Security at Wordpress
elharo at metalab.unc.edu
Fri Apr 21 22:15:00 GMT 2006
Brian Layman wrote:
> The nonce solution that Owen proposed will adequately protect WP from my
> approach. Therefore I don't have to give a "how-to tutorial" of an exploit
> that could be adapted to attack any non-compiled, non-nonced, non-customized
> web application out there.
If it's really that bad, I'd suggest you publish it because no one
person is going to be able to fix all the web apps out there.
However, I suspect what you've discovered is the well-known problem
where GET is used for operations with side effects, a common flaw in web
apps designed by people who don't understand HTTP. While not as widely
known as it should be (which is why further publicity would be a good
thing) it's hardly a new attack. It's certainly known to
web-app-attackers everywhere. Being quiet about it only helps the black
hats who already know.
Elliotte Rusty Harold elharo at metalab.unc.edu
XML in a Nutshell 3rd Edition Just Published!
More information about the wp-hackers