Exploit for Wordpress...

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • DickShoke
    Confirmed User
    • Oct 2003
    • 1236

    #1

    Exploit for Wordpress...

    I was looking through my 404 Error logs and saw all these hits looking for these files. I think hackers are running a program to see if these files are on a server and then they use a know bug to take control of the server...
    so watch out...

    adxmlrpc.php 81 -
    /xmlrpc.php 60 -
    /adserver/adxmlrpc.php 59 -
    /phpadsnew/adxmlrpc.php 58 -
    /phpads/adxmlrpc.php 58 -
    /phpAdsNew/adxmlrpc.php 58 -
    /forum/viewforum.php 56 -
    /Ads/adxmlrpc.php 55 -
    /ads/adxmlrpc.php 54 -
    /xmlrpc/xmlrpc.php 54 -
    /xmlsrv/xmlrpc.php 53 -
    /blog/xmlrpc.php 52 -
    /drupal/xmlrpc.php 49 -
    /community/xmlrpc.php 47 -
    /blogs/xmlrpc.php 42 -
    /blogs/xmlsrv/xmlrpc.php 41 -
    /forum/profile.php 40 -
    /blog/xmlsrv/xmlrpc.php 38 -
    /blogtest/xmlsrv/xmlrpc.php 37 -
    /b2/xmlsrv/xmlrpc.php 35 -
    /phpgroupware/xmlrpc.php 34 -
    /wordpress/xmlrpc.php 34 -
    MILF Porn Creampie BBW
    Recommended -->Webcam Porn Big Tit Filipina Porn Indian Sex Big Cock Thai Porn
  • GrouchyAdmin
    Now choke yourself!
    • Apr 2006
    • 12085

    #2
    This bug has been around since what? 2002?

    Comment

    • quantum-x
      Confirmed User
      • Feb 2002
      • 6863

      #3
      yeah, at least.
      You'll see people scanning for a lot of common directories and apps nowadays.
      PrettyInCash.com - BoozedGFs.com - TeenGFs.com - JizzGFs.com- MilfUploads.com -

      Comment

      • Splum
        Confirmed User
        • May 2003
        • 6195

        #4
        Thats why its best to run custom scripts

        Comment

        • darksoul
          Confirmed User
          • Apr 2002
          • 4997

          #5
          Originally posted by Splum
          Thats why its best to run custom scripts
          or rather not run fricking old scripts.
          You should always keep up with the updates.
          1337 5y54|)m1n: 157717888
          BM-2cUBw4B2fgiYAfjkE7JvWaJMiUXD96n9tN
          Cambooth

          Comment

          • darksoul
            Confirmed User
            • Apr 2002
            • 4997

            #6
            Oh,
            and btw this wasn't a wordpress bug rather an xmlrpc. bug which affected
            lots of software
            1337 5y54|)m1n: 157717888
            BM-2cUBw4B2fgiYAfjkE7JvWaJMiUXD96n9tN
            Cambooth

            Comment

            Working...