Big Bucks Blogger

Lucia Liljegren comments on blogs about making money blogging.

WordPress Vulnerability: Take a little time to check.

Seo Egghead has evidently discovered that WP 2.3.1 is vulnerable to HTML-tainting attacks. (The vulnerability evidently exists in WP 2.1 as well.) The apparent application is to inject ads into bloggers’ older posts; these would tend to look like paid links. The problem for you would be a potential drop in page rank.

SEO Egghead recommends that bloggers check their posts for inserted links to the mp3 sites he has discovered, and provides a plugin for this purpose at his site.

I may be wrong, but I think you need to use his plugin. You should be able to get the same information by clicking “manage” in your dashboard, finding the big “search box” and entering ‘adshelper’. Then, click search. WP will return a list of posts containing links to “adshelper”. Next, repeat the search for ‘softicana’. If both searches return zero pages, you’re clean.

While you’re at it: why assume these are the only hacker-advertisers? Take a little time and search for words like “mp3”, “casino”, “mortgage”, “viagra” and anything else you can dream up. If you find anything, blog about it so other bloggers can learn and check.

With luck, if my suggested method of testing is useless and you really do need to use the plugin, Seo Egghead will pop in and tell us I’m wrong. (I asked at his blog last night, and I’ll keep checking for an answer.)

Are you wondering how I did?
I seem to be ‘clean’ on both ‘adshelper’ and ‘softicana’, and on a variety of other terms I dreamed up.

Hmmm… Plugin idea
If these sorts of HTML-tainting attacks are common, I should probably write a plugin that periodically scans all blog posts for a standard set of blacklist terms, plus terms in the user’s own blacklist. Monthly checks at all our blogs would let us catch these things and warn others. It would be an easy plugin… hmmm….

If readers do run this test, and any come up “tainted”, I’ll seriously consider writing that plugin. Meanwhile, I need to get through updating all my existing ones first!

Comments

11 Responses to “WordPress Vulnerability: Take a little time to check.”

  1. Matthew Anton (1 comments.) on November 2nd, 2007 1:22 pm

    Wow, pretty scary… I didn’t realize they could hack you through WordPress. I use it for another account but I guess I should search for these terms since I do use a lot of plugins with it.

  2. Karl Erfurt (4 comments.) on November 4th, 2007 12:16 am

    Wow, thanks for the “heads up” on this one! I haven’t had as much of a problem with spam (yet) as many of the other bloggers out there, but this is definitely something that needs to be monitored in the future.

    Your plugin idea is a good one, especially if this particular form of spam becomes much more prevalent. And to think that only a few years ago, I thought that Spam was something that came out of a can!

  3. 5ubliminal (19 comments.) on November 8th, 2007 10:41 am

    Just scan blogs for outgoing links, not for blacklist terms. You cannot know all blacklist terms, but searching for external links is easier and you can quickly figure out if you put it there or it was ‘planted’.

  4. Lucia on November 8th, 2007 10:58 am

    @5ubliminal: Your solution would probably be useful if I wrote this as a plugin (which is probably the right way to do this). But for now, it’s not an easy way to check things using WP’s search tool.

    I’ll write the plugin if anyone actually finds themselves infected this way. Otherwise, I’m not sure it’s worth it. (Though, it would be easy enough to do, and people may want to periodically check every link in their database even without the hacking threat.)

  5. 5ubliminal (19 comments.) on November 8th, 2007 11:01 am

    Obviously, I was referring to a plugin to parse the source code of WP files. :)

  6. 5ubliminal (19 comments.) on November 8th, 2007 11:02 am

    Obviously, I was referring to a plugin to parse the source code of WP files and MySQL tables data.

    PS: If this comment came in twice delete one :)

  7. Stephen Cronin (13 comments.) on November 9th, 2007 10:16 pm

    Lucia, I’m clean (it seems). It would be a useful plugin if you write it.

    Subliminal, are you saying the plugin should simply build a big list of external links for you to check manually? For some blogs that would be a huge list! I think having a blacklist of terms to check for (in the link text or URL) is the way to go, as long as you can add / delete things from the blacklist.

  8. 5ubliminal (19 comments.) on November 10th, 2007 7:07 am

    Every time you check your list the script should extract the hostname from the URL and present a structure based on host names.
    Once you validate a hostname (domain) the script should hide that one. So if you add a new link to google.com and you tell the script google.com is cool, the script should not show you google.com again unless you use a special button to view all or something like this. This way you could ban domains and discard any link to them.

    This way you would have a bit of work upfront, but you would keep control over your links and the work would be much smaller as you keep adding links.

    This is easy for me to do, but I have no idea how WordPress works or how to make a plugin, so I’ll just leave it to Lucia, expert in WP plugins.

  9. Lucia on November 10th, 2007 7:58 am

    @5ubliminal That’s a good idea! Now, I do know how to do it effectively. My first thought had been to fish out all the links, present them as a list, and let the user look at them. Then, they could do that every now and then.

    Then, also, give them a tool with a blacklist.

    One idea is a lot of work for the user to do regularly. (Which means they won’t do it, and that makes the tool useless.)

    The other idea is ineffective because individual blacklists don’t work for this sort of thing. My knitting blog is spammed with comment SEO stuff like “dog sweater”, not “viagra”.

    But your idea is elegant and effective. (Which… doesn’t surprise me. :) )

    I can code that, and possibly also go for overkill. In WP, I can both keep track of what’s a “good link” and record the ID of the post it’s in, and keep track of whether it follows. It would take little more coding, almost no extra CPU, and would ensure that if a blogger does include a “bad” link once, no one can sneak in another one later in a different post! (This is useful if — over time — a company decides to pay for sponsored posts and then later insert the links.)

  10. 5ubliminal (19 comments.) on November 10th, 2007 8:52 am

    Thanks :)
    You can also create rules. Reject a link, nofollow a link and dofollow a link. And allow users to set rules for domains. This would indeed be useful to WP users. And you can allow users to create groups of domains. So let’s say: you make a group named sponsors and you nofollow them, but if, in time, you change your mind you dofollow the whole pack, not one by one.

    Actually I’m working on this for my blog. To add some domains to the trusted links and allow Google to see them.

    PS: 9 years of coding are behind the way I think. If you ever need advice on something you work on, mail me. I’ll consult you :)
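The manual search in the post (look for ‘adshelper’ and ‘softicana’ in link text or URLs), the blacklist plugin sketched under “Plugin idea”, and the hostname review refined in comments 8 through 10 (group every outbound link by host, hide hosts you have already approved, remember the post ID and whether the link is nofollow) all come down to pulling the links out of stored post HTML and running two checks over them. Here is an added example in Python that does both. It is not code from the original post, from SEO Egghead’s plugin or from any WordPress plugin; the post rows and hostnames in it are constructed for the demonstration, and a real plugin would read the rows from wp_posts instead.

```python
"""Audit the outbound links stored in WordPress posts.

Added example, not code from the original post or from any WordPress plugin.
It models two checks: a blacklist of suspicious terms matched against link
text and URLs, and a per-hostname review that hides hosts the blogger has
already approved.  The post rows below are constructed sample data shaped
like (ID, post_content) from wp_posts; a real plugin would query the table.
"""
from collections import defaultdict
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample rows (ID, post_content); the hostnames are invented.
SAMPLE_POSTS = [
    (12, '<p>My knitting notes. See <a href="http://example.org/pattern">the pattern</a>.</p>'),
    (15, '<p>An older post.</p><a href="http://mp3.example.net/adshelper/x">free mp3</a>'),
    (21, '<p>Sponsor: <a rel="nofollow" href="http://sponsor.example.com/">shop</a></p>'),
]

# The terms named in the post plus a few a blogger might add; all lower-case.
DEFAULT_BLACKLIST = ["adshelper", "softicana", "mp3", "casino", "mortgage", "viagra"]


class LinkExtractor(HTMLParser):
    """Collect (href, rel, anchor text) for every <a> in an HTML fragment."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._current = None  # [href, rel, text parts] while inside an <a>

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            a = dict(attrs)
            self._current = [a.get("href") or "", a.get("rel") or "", []]

    def handle_data(self, data):
        if self._current is not None:
            self._current[2].append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            href, rel, parts = self._current
            self.links.append((href, rel, "".join(parts).strip()))
            self._current = None


def extract_links(html):
    """Return the list of (href, rel, text) links found in one post body."""
    parser = LinkExtractor()
    parser.feed(html)
    parser.close()
    return parser.links


def scan_blacklist(posts, blacklist=DEFAULT_BLACKLIST):
    """Return {post_id: [(term, href), ...]} for every link whose URL or
    anchor text contains a blacklisted term (case-insensitive)."""
    hits = defaultdict(list)
    for post_id, content in posts:
        for href, _rel, text in extract_links(content):
            haystack = (href + " " + text).lower()
            for term in blacklist:
                if term in haystack:
                    hits[post_id].append((term, href))
    return dict(hits)


def audit_by_host(posts, approved_hosts=frozenset()):
    """Group outbound links by hostname for manual review.  Each entry records
    the post it lives in and whether it carries rel="nofollow"; hosts the
    blogger has already validated are hidden, so the list shrinks over time."""
    by_host = defaultdict(list)
    for post_id, content in posts:
        for href, rel, _text in extract_links(content):
            host = urlparse(href).hostname
            if not host:
                continue  # relative or internal link: nothing to review
            by_host[host].append({
                "post": post_id,
                "href": href,
                "nofollow": "nofollow" in rel.lower().split(),
            })
    return {host: links for host, links in by_host.items()
            if host not in approved_hosts}


if __name__ == "__main__":
    for post_id, matches in scan_blacklist(SAMPLE_POSTS).items():
        print(f"post {post_id}: {matches}")
    for host, links in audit_by_host(SAMPLE_POSTS, {"example.org"}).items():
        print(f"{host}: {links}")
```

Run it as-is and post 15 shows up in the blacklist scan (its link matches both ‘adshelper’ and ‘mp3’), while the host review lists mp3.example.net and sponsor.example.com and hides example.org because it was passed as an approved host. Because each review entry carries the post ID and the nofollow flag, a blogger can see at once when a host that was only ever linked with rel="nofollow" suddenly gains a followed link in a different post, which is the case Lucia raises in comment 9.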

  11. Lucia on November 10th, 2007 11:21 am

    @5ubliminal: My first plugin was to nofollow links in a certain domain. :)

    I learned to code long ago — but I worked on mechanical engineering problems. So, the challenges associated with developing the al-gore-rithms are often quite different. (If you looked at my codes, you’d probably also laugh for ohhh soooo many reasons. One of these days I need to force myself to use OOP when it’s helpful, which it often would be with plugins, but rarely is with problems in mechanics and heat transfer!)

    But, they work, and I try to avoid security holes. (I can tell I need to read a bit. But then, that’s one of the reasons I read your blog. You explain hacks that exist, then you explain how to secure. Sebastian’s Pamphlets is a good one for me too.)

“WordPress Vulnerability: Take a little time to check.” was posted on November 1, 2007.