Comments on: Friendly AJAX XSS Worm for WordPress http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/ Information Security Think Tank Sat, 02 Feb 2013 17:50:40 +0000 hourly 1 http://wordpress.org/?v=3.4.1 By: .mario http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38512 .mario Thu, 02 Aug 2007 14:33:55 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38512 Yep - just caught that too via my feeds - so maybe now you know what I mean with no review no usage. Yep – just caught that too via my feeds – so maybe now you know what I mean with no review no usage.

]]> By: hackademix.net » Patching WordPress, WormLess http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38497 hackademix.net » Patching WordPress, WormLess Thu, 02 Aug 2007 11:53:27 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38497 [...] the other hand, I fully subscribe to .mario’s concerns — w/o code review no usage — and looks like Symantec agrees about this beastie being [...] [...] the other hand, I fully subscribe to .mario’s concerns — w/o code review no usage — and looks like Symantec agrees about this beastie being [...]

]]> By: zqyves http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38475 zqyves Thu, 02 Aug 2007 09:23:11 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38475 hello all, have a look at that: http://www.symantec.com/enterprise/security_response/weblog/2007/08/wordpress_xss_exploit_solves_p.html there is actually a problem in the code of the XSS worm resulting in the "+" not encoded and interpreted as " " (space) by the browser. hello all,

have a look at that:

http://www.symantec.com/enterp.....ves_p.html

there is actually a problem in the code of the XSS worm resulting in the “+” not encoded and interpreted as ” ” (space) by the browser.

]]> By: mybeNi websecurity http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38336 mybeNi websecurity Wed, 01 Aug 2007 20:28:05 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38336 Hell, it is javascript, you'll find the scrip tags on your own Hell, it is javascript, you’ll find the scrip tags on your own

]]> By: .mario http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38293 .mario Wed, 01 Aug 2007 14:48:51 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38293 Thanks for the explanation but as I already said - w/o code review no usage - don't get me wrong please. And at the moment I have no time to set up a testblog etc. What's the problem with publishing the sources? You'd like to wait until the vulns are fixed? Thanks for the explanation but as I already said – w/o code review no usage – don’t get me wrong please.

And at the moment I have no time to set up a testblog etc.

What’s the problem with publishing the sources? You’d like to wait until the vulns are fixed?

]]> By: mybeNi websecurity http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38256 mybeNi websecurity Wed, 01 Aug 2007 10:26:54 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38256 mario: If you refer from your admin panel to my page, it pops up and asks you if you'd like to fix these vulns, then it goes to your admin panel back again, carrying its XSS payload and creating a Small setup, which tells the Admin where to add which parts of code to his Wordpress files in order to Fix the Vulnerabilities. At the end, the Admin is prompet wheter he'd like to continue the worm by pasting a small "Referal-Checking" php line to his sidebar (manually by copy&paste) or if he'd like to add a blogroll link to my blog (of course automatically) ;) --cheers beni mario:
If you refer from your admin panel to my page, it pops up and asks you if you’d like to fix these vulns, then it goes to your admin panel back again, carrying its XSS payload and creating a Small setup, which tells the Admin where to add which parts of code to his WordPress files in order to Fix the Vulnerabilities.
At the end, the Admin is prompet wheter he’d like to continue the worm by pasting a small “Referal-Checking” php line to his sidebar (manually by copy&paste) or if he’d like to add a blogroll link to my blog (of course automatically) ;)

–cheers beni

]]> By: pdp http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38240 pdp Wed, 01 Aug 2007 08:38:05 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38240 good stuff byNi... let's see how long it will take wordpress to release a new version. good stuff byNi… let’s see how long it will take wordpress to release a new version.

]]> By: mybeNi websecurity http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38235 mybeNi websecurity Wed, 01 Aug 2007 07:59:02 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38235 yes, right after I pressed the Post Button, I created some Tickets at the Wordpress Bugtracker (trac.wordpress.com). They already fixed some parts, hope the release won't take too long. yes, right after I pressed the Post Button, I created some Tickets at the WordPress Bugtracker (trac.wordpress.com). They already fixed some parts, hope the release won’t take too long.

]]> By: .mario http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38229 .mario Wed, 01 Aug 2007 07:42:50 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38229 Yep - very nice work indeed! But as pdp already said please release the sources. There's no way for me using this tool w/o knowing what it really does. Yep – very nice work indeed! But as pdp already said please release the sources. There’s no way for me using this tool w/o knowing what it really does.

]]> By: David Kierznowski http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38140 David Kierznowski Tue, 31 Jul 2007 23:33:23 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38140 pdp, heh, I have checked the mans work ... trying to rope him in for a chat :-) pdp, heh, I have checked the mans work … trying to rope him in for a chat :-)

]]> By: pdp http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38130 pdp Tue, 31 Jul 2007 22:45:00 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38130 heh :) this is less critical but still. interesting research btw. have you informed the wordpress guys? heh :) this is less critical but still. interesting research btw. have you informed the wordpress guys?

]]> By: mybeNi websecurity http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress/comment-page-1/#comment-38129 mybeNi websecurity Tue, 31 Jul 2007 22:37:55 +0000 http://www.gnucitizen.org/blog/friendly-ajax-xss-worm-for-wordpress#comment-38129 Hey pdp! The worm asks for permission and every step must be authorized by the Administrator, it just guides him through the process of applying the workarounds for the security vulnerabilities onto his Wordpress code. ;) Hey pdp!

The worm asks for permission and every step must be authorized by the Administrator, it just guides him through the process of applying the workarounds for the security vulnerabilities onto his WordPress code. ;)

]]>