Comments on: Landing Blogsecurify

By: aungkhant

aungkhant — Sun, 06 Jul 2008 12:16:48 +0000

At first glance , I think this checks against public exploits such as in OSVDB/Milw0rm. Great. As for me I just wanna write a perl script that greps “Generator” meta tag like Word 2.0.3 and greps latest version info. If out-dated, extract wordpress vulnerabilities in wordpress version < latest and show them to user and warn her to upgrade.

By: Web Dev: Check Your Wordpress Security with Blogsecurify | Hackosis

Web Dev: Check Your Wordpress Security with Blogsecurify | Hackosis — Mon, 30 Jun 2008 13:50:11 +0000

[...] gnucitizen.com] Tags: Blog, Blogsecurify, Security, Web development, WordPress Like this post? Subscibe [...]

By: pdp

pdp — Sat, 28 Jun 2008 06:04:58 +0000

Alex, the test is none-exploitative so it should not create any bogus entries within your database.

By: Alex

Alex — Fri, 27 Jun 2008 20:39:15 +0000

For which vulnerabilites will Blogsecurify check those blogs out there? Will it create new entries via SQLi, etc. and does it only check blogs running WP for the moment? I didn’t find some info about it.

By: pdp

pdp — Fri, 27 Jun 2008 06:28:18 +0000

takuan, thanks for the info, although I know and you know that this information is totally fabricated. :) thanks anyway!

By: links for 2008-06-27 at edsmiley.com

links for 2008-06-27 at edsmiley.com — Fri, 27 Jun 2008 04:31:27 +0000

[...] Landing Blogsecurify | GNUCITIZEN (tags: blog security hacking scanner securabit) [...]

By: takuan

takuan — Fri, 27 Jun 2008 03:51:52 +0000

I thought it was interesting to run the scanner against “www.gnucitizen.org/blog/” and it returned…

This blog is running a vulnerable version of WordPress, please upgrade to the latest version available here.

By: psy.echo

psy.echo — Thu, 26 Jun 2008 11:02:47 +0000

Nice work PDP. I checked my blog :) It says .. perfect … thus adding another check mark to security! Cheers.