.

[Article]-Hacking WordPress with XSS to Bypass WAF and Shell

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Jul 03, 2013 11:21 am

[Article]-Hacking WordPress with XSS to Bypass WAF and Shell

This is a blog post. To read the original post, please click here »

ImageWordPress is by far the most popular Content Management System (CMS) in the world today. According to W3 Techs, “WordPress is used by 58.2% of all the websites whose content management system we know. This is 18.6% of all websites.” As with most modern, popular CMSs, the WordPress application itself is hardened and secure out of the box. But to get all of the cool ‘stuff’ to make your site memorable and engaging, WordPress site owners often use 10 – 20 plugins for each installation. As of July 2013, WordPress.org lists 25,700 plugins with more than 475 million downloads, and that doesn’t include those outside of the WordPress repository. It’s these third party plugins that leave a tight framework vulnerable to exploitation and attempts at hacking WordPress common. Many installed plugins remain unpatched or overlooked, and even those not activated through the WordPress Dashboard provide an excellent attack surface. With shared hosting plans and consolidated corporate datacenters, it is more often than not that your instance of WordPress is not the only web application residing on your server.

For the sake of brevity, I won’t “beat a dead horse” and talk about why Cross-Site Scripting (XSS) is dangerous. There still is some confusion surrounding XSS and its role in network breaches, how it is used, and how it can be utilized over and over to do the same thing. An attacker cannot leverage an XSS flaw to directly “hack” into a server. Instead, by chaining vulnerabilities together and socially engineering personnel, an attacker can move from XSS to an internal compromise fairly quickly. This tutorial shows how hacking WordPress with a simple XSS flaw can be crafted into a vehicle to intrude on internal networks.
CISSP, MCSE, CSTA, Security+ SME
<<

n37sh@rk

User avatar

Jr. Member
Jr. Member

Posts: 70

Joined: Thu Jan 24, 2013 1:07 pm

Location: Anywhere

Post Wed Jul 03, 2013 1:55 pm

Re: [Article]-Hacking WordPress with XSS to Bypass WAF and S

Very nice! I now have something to look into for our company as we use wordpress!

Thanks don!
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Jul 03, 2013 2:58 pm

Re: [Article]-Hacking WordPress with XSS to Bypass WAF and S

Great article, thanks.

n37sh@rk wrote:Very nice! I now have something to look into for our company as we use wordpress!

Thanks don!


Be sure to focus on the plugins since they are not likely developed with the same quality of coding standards as the main WordPress application. I took a random plugin from SQLi to ravaging the entire internal network on a recent assessment.
The day you stop learning is the day you start becoming obsolete.
<<

n37sh@rk

User avatar

Jr. Member
Jr. Member

Posts: 70

Joined: Thu Jan 24, 2013 1:07 pm

Location: Anywhere

Post Wed Jul 03, 2013 3:05 pm

Re: [Article]-Hacking WordPress with XSS to Bypass WAF and S

Be sure to focus on the plugins since they are not likely developed with the same quality of coding standards as the main WordPress application. I took a random plugin from SQLi to ravaging the entire internal network on a recent assessment.


Thanks for the advice i'm still new to the field! Company is still working on getting an program off the ground :/
<<

azmatt

User avatar

Full Member
Full Member

Posts: 103

Joined: Sun Jul 29, 2012 2:11 pm

Post Thu Jul 04, 2013 10:38 pm

[Article]-Hacking WordPress with XSS to Bypass WAF and Shell

Awesome write up, thank you.
GCFA, GCIH, GCIA, GWAPT, CISSP, CEH, GSEC

Return to /root

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software