Friday, August 12, 2016

WordPress File Path Traversal Examples

I pasted several similar WordPress exploit attempts from some web logs. They generally match WAF or IDS rules for file path traversal. They look like this...

GET /wp-content/plugins/google-mp3-audio-player/direct_download.php?file=../../../wp-config.php
GET /wp-content/plugins/db-backup/download.php?file=../../../wp-config.php
GET /wp-content/plugins/hb-audio-gallery-lite/gallery/audio-download.php?file_path=../../../../wp-config.php&file_size=10
GET /wp-content/themes/mtheme-unus/css/css.php?files=../../../../wp-config.php


These exploits take advantage of insecure WordPress plugins. Each of them has a query string parameter that lets you download a file. In theory the plugin was only supposed to let you download files from its own plugin directory (music, audio, etc.), which was allowed. But in these cases the plugin wasn't properly validating the path passed in through the query string parameter, so path traversal (../../) let the request walk up and down the file system hierarchy. Here the attacker is trying to reach the wp-config.php file, which can contain your security keys, database user and password, etc., so some valuable data!

To prevent this, either patch your plugins when vulns like this come out, or disable/remove unused plugins.
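As an added example (not code from the post or from any of the plugins named above), the two defensive pieces this post implies: the path check a download handler should have done before reading the file, and the detection logic a WAF or IDS rule applies to request lines like the ones quoted. The sample request lines are constructed, modelled on the post's log entries plus one benign download; the plugin directory path is an assumed example.

```python
import os
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample log lines, modelled on the requests quoted in the post,
# plus one legitimate download of a file inside the plugin directory.
SAMPLE_REQUESTS = [
    "GET /wp-content/plugins/google-mp3-audio-player/direct_download.php?file=../../../wp-config.php",
    "GET /wp-content/plugins/db-backup/download.php?file=../../../wp-config.php",
    "GET /wp-content/plugins/hb-audio-gallery-lite/gallery/audio-download.php?file_path=../../../../wp-config.php&file_size=10",
    "GET /wp-content/themes/mtheme-unus/css/css.php?files=../../../../wp-config.php",
    "GET /wp-content/plugins/google-mp3-audio-player/direct_download.php?file=track01.mp3",
]


def resolve_download(plugin_dir, requested):
    """Hardened equivalent of a plugin download handler (assumed layout).

    Return the canonical path of the requested file only if it stays inside
    plugin_dir; return None for anything that escapes it. realpath() collapses
    '..' segments and follows symlinks, and os.path.join() with an absolute
    'requested' discards plugin_dir, so absolute paths are rejected too.
    """
    base = os.path.realpath(plugin_dir)
    target = os.path.realpath(os.path.join(base, unquote(requested)))
    if os.path.commonpath([base, target]) != base:
        return None
    return target


def flags_traversal(request_line):
    """Detection side: does any query parameter of this request line contain a
    parent-directory segment? Decodes twice to catch %2e%2e and %252e%252e, and
    treats backslashes as separators so '..\\' is caught as well."""
    _method, _, url = request_line.partition(" ")
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    for values in query.values():
        for value in values:
            segments = unquote(unquote(value)).replace("\\", "/").split("/")
            if ".." in segments:
                return True
    return False


if __name__ == "__main__":
    for line in SAMPLE_REQUESTS:
        print("ALERT " if flags_traversal(line) else "ok    ", line)
```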


Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.

17 comments:

  1. Yes, I am entirely agreed with this article, and I just want to say that this article is very helpful and enlightening. I also have some precious piece of concerned info !!!!!! Thanks. wordpress tutorial

  2. Useful information on topics that plenty are interested in for this wonderful post. Admiring the time and effort you put into your b!.. WordPress hosting comparison

  3. You have a real talent for writing unique content. I like how you think and the way you express your views in this article. I am impressed by your writing style a lot. Thanks for making my experience more beautiful. hide wp plugin

  4. Thanks for the blog filled with so many information. Stopping by your blog helped me to get what I was looking for. Now my task has become as easy as ABC. Integriti Access Control Melbourne

  5. There is obviously a lot to know about this. I think you made some good points in Features also. Keep working, great job! security guards

  6. Your site is truly cool and this is an extraordinary moving article. security company

  7. I feel very grateful that I read this. It is very helpful and very informative and I really learned a lot from it. security guards

  8. I really loved reading your blog. It was very well authored and easy to understand, unlike other blogs I have read which are really not that good. Thanks a lot! clean wordpress site

  9. I can't imagine focusing long enough to research, much less write, this kind of article. You've outdone yourself with this material. This is great content. opencart template

  10. Great knowledge, does anyone mind if I merely reference back to it? extension opencart

  11. A fascinating discussion is worth a comment. I think that it is best to write extra on this matter; it won't be a taboo topic, however generally people are not enough to talk on such topics. To the next. Cheers extension opencart

  12. Thank you for another great article. Where else could anyone get that kind of information in such a perfect way of writing? I have a presentation next week, and I am on the look for such information. wordpress theme

  13. I am happy to find this post. Very useful for me, as it contains a lot of information. I always prefer to read quality and am glad I found this thing in your post. Thanks schlüsseldienst kosten