WARNING: Exploit found in this plugin!
WARNING: While checking the raw access logs on my server, I discovered that hackers are trying to access a file of this plugin.
With this exploit they can access the passwd file of your server. The /etc/passwd file stores essential information that is required during login, i.e. user account information. /etc/passwd is a text file that contains a list of the system’s accounts, giving for each account some useful information such as user ID, group ID, home directory, shell, etc.
RAW access information:
142.44.207.70 – – [10/Oct/2017:15:47:51 +0200] “GET /wp-content/plugins/wp-ecommerce-shop-styling/XXX-REMOVEDTHISFORSECURITY-XX/FILE?filename=../../../../../../../../../etc/passwd HTTP/1.1” 404 11262 “-” “Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.75 Safari/537.36 OPR/36.0.2130.32”
Please note: Made some changes so that this exploit is not publicly visible.
Questions? Please reply below.
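Added example (not part of the original post, and not code from the plugin): a small Python scanner that finds requests like the one logged above in a combined-format access log and separates attempts the server answered with a 2xx status from ones it did not serve. The sample log lines, the IP addresses and the function names are constructed for illustration; the plugin path keeps the redaction used in the post.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Combined Log Format: ip ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
# ".." as a whole path segment, with / or \ as separator
TRAVERSAL_RE = re.compile(r'(?:^|[\\/])\.\.(?:[\\/]|$)')
PLUGIN_PREFIX = "/wp-content/plugins/wp-ecommerce-shop-styling/"

def fully_decode(value, max_rounds=3):
    """Percent-decode until stable so nested encodings are normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_traversal_hits(lines, prefix=PLUGIN_PREFIX):
    """Return one record per request under `prefix` with '..' in a query value."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        url = urlsplit(m["target"])
        if not url.path.startswith(prefix):
            continue
        status = int(m["status"])
        for name, raw in parse_qsl(url.query, keep_blank_values=True):
            if TRAVERSAL_RE.search(fully_decode(raw)):
                hits.append({
                    "ip": m["ip"], "time": m["time"], "param": name, "status": status,
                    # 2xx: the server returned content, so check what was sent back
                    "verdict": "served" if 200 <= status < 300 else "not-served",
                })
                break
    return hits

# Constructed sample lines (documentation IP ranges, redacted plugin path).
P = PLUGIN_PREFIX + "XXX-REMOVEDTHISFORSECURITY-XX/FILE"
SAMPLE_LOG = [
    f'203.0.113.10 - - [10/Oct/2017:15:47:51 +0200] "GET {P}?filename=../../../etc/passwd HTTP/1.1" 404 11262 "-" "Mozilla/5.0"',
    f'203.0.113.11 - - [10/Oct/2017:15:48:02 +0200] "GET {P}?filename=%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1843 "-" "Mozilla/5.0"',
    f'198.51.100.7 - - [10/Oct/2017:15:49:30 +0200] "GET {P}?filename=invoice.pdf HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]
```

A 404 like the one in the log above means that request was not served; any hit with verdict "served" is the one to follow up on by checking the response size and the plugin version installed.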