"WordPress has an XMLRPC API that can be accessed through the xmlrpc.php file. When WordPress is processing pingbacks, it's trying to resolve the source URL, and if successful, will make a request to that URL and inspect the response for a link to a certain WordPress blog post. If it finds such a link, it will post a comment on this blog post announcing that somebody mentioned this blog post in their blog." Bogdan Calin explained.
Pingback is
one of three types of linkbacks, methods for Web authors to request
notification when somebody links to one of their documents. This enables
authors to keep track of who is linking to, or referring to their
articles. Some weblog software, such as Movable Type, Serendipity,
WordPress, and Telligent Community, support automatic pingbacks where
all the links in a published article can be pinged when the article is
published.
A
new tool has been released that automates the pingback vulnerability
autonomously, distributed on the software development site Github as "WordpressPingbackPortScanner" .
That tool exposes the API and lets attackers scan other hosts, multiple
WordPress blogs and with a specialized URL, reconfigure routers.
Tool description - "Wordpress exposes a so called Pingback API to link to other blogposts. Using this feature you can scan other hosts on the intra- or internet via this server. You can also use this feature for some kind of distributed port scanning: You can scan a single host using multiple Wordpress Blogs exposing this API."
The bug is already reported on Wordpress community, but Softpedia notice that the ticket was closed at the time after someone argued that “there are so many ways to orchestrate a DDOS attack.”
All the wordpress blogs are at risk,can be heavily abused by attackers. Since the Wordpress also supports URL credentials , the attacker can use a link like http://admin:admin@192.168.0.1/changeDNS.asp?newDNS=aaaa to reconfigure internal routers.
He also says that disabling the Pingback feature won't fix the solution ,the ultimate solution is a patch.
Tool description - "Wordpress exposes a so called Pingback API to link to other blogposts. Using this feature you can scan other hosts on the intra- or internet via this server. You can also use this feature for some kind of distributed port scanning: You can scan a single host using multiple Wordpress Blogs exposing this API."
The bug is already reported on Wordpress community, but Softpedia notice that the ticket was closed at the time after someone argued that “there are so many ways to orchestrate a DDOS attack.”
All the wordpress blogs are at risk,can be heavily abused by attackers. Since the Wordpress also supports URL credentials , the attacker can use a link like http://admin:admin@192.168.0.1/changeDNS.asp?newDNS=aaaa to reconfigure internal routers.
He also says that disabling the Pingback feature won't fix the solution ,the ultimate solution is a patch.
| روابط هذه التدوينة قابلة للنسخ واللصق | |
| URL | |
| HTML | |
| BBCode | |
شاهد ايضا اخر مواضيع الجيش العرقي الالكتروني
kamindoz
