[wp-hackers] Wordpress Cookie Authentication Vulnerability
Stephane Daury
wordpress at tekartist.org
Tue Nov 20 16:56:14 GMT 2007
http://xkcd.com/327/
http://www.pcweenies.org/archives.php?toon=1103
But yeah, I never was too happy to see my password, even double
hashed, in a cookie.
Stephane
On Nov 20, 2007, at 11:46, Bob wrote:
> I'm not a security weenie, but it seems to me you wouldn't even need
> an exploit. Unless you're running SSL, the hashed password is sent
> in the clear, so a hacker can get the hashed password and then
> exploit this cookie vulnerability.
>
>
>
> ----- Original Message ----- From: "Ryan Boren" <ryan at boren.nu>
> To: <wp-hackers at lists.automattic.com>
> Sent: Tuesday, November 20, 2007 2:41 AM
> Subject: Re: [wp-hackers] Wordpress Cookie Authentication
> Vulnerability
>
>
>> On 11/19/07, Computer Guru <computerguru at neosmart.net> wrote:
>>> You've got to be kidding me!
>>>
>>> I read the first five words then burst out laughing:
>>> "With read-only access to the Wordpress database"...
>>>
>>> Once you've got read-only access to a database, how much more
>>> vulnerable do
>>> you want?
>>
>> Yeah, it's not a vulnerability in and of itself. But, in the event
>> your site is compromised (cough -- WP exploits -- cough), these
>> measures would prevent someone slurping your password hashes and
>> doing
>> naughty things with them after you've patched whatever hole was
>> exploited. If we can add these extra measures cheaply, they can be
>> handy when cleaning up after an exploit.
>>
>> Ryan
>> _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
More information about the wp-hackers
mailing list