Create an Account
username: password:
 
  MemeStreams Logo

Security Threat: WordPress Under Attack
search
Home Agent Weblogs Social Network Post Help About

Acidus
Picture of Acidus
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Acidus's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Security Threat: WordPress Under Attack
Topic: Miscellaneous 4:20 pm EDT, Sep  5, 2009

Writes Lorelle on her WordPress-centric blog:

There are two clues that your WordPress site has been attacked:

First, there are strange additions to permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

TechCrunch is not great about reporting security vulns, certainly not to the level of detail you;d want if you hack in the scene. What *is* interesting is using the Http Referer (sic) header to carry the actual payload.

Security Threat: WordPress Under Attack

Thread [1]


  
 
Powered By Industrial Memetics		RSS2.0