[wp-hackers] wpau-backup being exploited?

Viper007Bond viper at viper007bond.com
Mon May 26 08:14:15 GMT 2008


The server or something on it (possibly the plugin, but just because it's
using that directory doesn't mean it is) was exploited and since that
directory is writable, it was used.

This is yet another reason I don't suggest people leave their theme files
(or any other directory but an upload one) writable.

On Mon, May 26, 2008 at 12:24 AM, Ozh <ozh at planetozh.com> wrote:

> >So...is it being exploited or not?
>
> Worst case scenario:
> the plugin has a vulnerability that makes spammers able to inject content
> in the backup directory, i.e. uploading the file like:
>
> http://conexions.org/wordpress/wpau-backup/wordpress/wp-content/themes/classic/css/fence/fencing-tools.html
>
> Best case scenario:
> Malicious files were present before backup (i.e. there's another vuln
> somewhere) but anyway the plugin allows for directory indexing of
> potentially compromising stuff (don't know the plugin itself but I
> wouldn't like anyone to be able to see the whole list of files under my
> wordpress root)
>
> So the answer is: yes, this is exploiting.



-- 
Viper007Bond | http://www.viper007bond.com/ | http://www.finalgear.com/
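The advice in this message (keep nothing writable except an upload directory) can be checked with a short audit. The script below is an added example, not part of the original thread and not code from the plugin. It assumes `wp-content/uploads` is the only directory meant to be writable and that the site files are owned by an account other than the web server user, so only group and world write bits are inspected. The sample tree is constructed.

```python
import os
import stat
import tempfile

# Assumption: only the upload directory should be writable by the web server.
ALLOWED_WRITABLE = ("wp-content/uploads",)

def audit_writable_dirs(root, allowed=ALLOWED_WRITABLE):
    """Return sorted [(relative_path, who)] for directories that are group- or
    world-writable and are not inside an allowed upload directory."""
    findings = []
    for dirpath, dirnames, _ in os.walk(root):
        rel = os.path.relpath(dirpath, root).replace(os.sep, "/")
        if any(rel == a or rel.startswith(a + "/") for a in allowed):
            dirnames[:] = []  # do not descend into the allowed tree
            continue
        mode = os.lstat(dirpath).st_mode
        who = [name for bit, name in ((stat.S_IWGRP, "group"),
                                      (stat.S_IWOTH, "other")) if mode & bit]
        if who:
            findings.append((rel, "+".join(who)))
    return sorted(findings)

def build_sample_tree(base):
    """Constructed sample layout, loosely modelled on the path quoted above."""
    layout = {
        "wp-content/uploads": 0o777,          # expected to be writable
        "wp-content/themes/classic": 0o755,   # correctly read-only
        "wpau-backup": 0o777,                 # writable backup directory
        "wpau-backup/wordpress/wp-content/themes/classic/css": 0o775,
    }
    for rel in layout:
        os.makedirs(os.path.join(base, rel), exist_ok=True)
    # Normalise every directory first so the result does not depend on umask.
    for dirpath, _, _ in os.walk(base):
        os.chmod(dirpath, 0o755)
    for rel, mode in layout.items():
        os.chmod(os.path.join(base, rel), mode)
    return base

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rel, who in audit_writable_dirs(build_sample_tree(tmp)):
            print(f"writable by {who}: {rel}")
```

If the web server user owns the files, the owner write bit matters as well and the check would need to compare directory ownership against that account.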