How to Protect Uploads, if User is not Logged In?

Only checking if the cookie exists is not much of a strict protection. To get a stronger protection, you can pass or “proxy” all requests to the uploaded folder (exemplary uploads in the following example) through a php script:

    RewriteCond %{REQUEST_FILENAME} -s
    RewriteRule ^wp-content/uploads/(.*)$ dl-file.php?file=$1 [QSA,L]

All requests to uploaded files (which includes images in …

Verifying that I have fully removed a WordPress hack?

Have you identified the exploit vector? If not, you may be leaving yourself open to future exploit. Other things to consider:

- Change WordPress admin user passwords – done
- Change Hosting account user password
- Change FTP passwords
- Change MySQL db user password – done
- Change the db table prefix
- Update your wp-config nonces/salt
- Check your directory/file …

Hide the fact a site is using WordPress?

The biggest WordPress giveaways are between the <head> </head> tags. Example WordPress head content output by The Twentyten Theme and how to remove:

    <link rel="profile" href="http://gmpg.org/xfn/11" />

Remove directly from header.php

    <link rel="stylesheet" type="text/css" media="all" href="http://example.com/wp-content/themes/twentyten/style.css" />

Hide WordPress by calling your stylesheet from another location and change the wp-content directory.

WordPress requires your theme …

Is moving wp-config outside the web root really beneficial?

Short answer: yes

The answer to this question is yes and to say otherwise is probably irresponsible.

Long answer: a real-world example

Allow me to provide a very real example, from my very real server, where moving wp-config.php outside the web root specifically prevented its contents from being captured.

The bug: Take a look at …

How can bcrypt have built-in salts?

This is bcrypt:

1. Generate a random salt. A “cost” factor has been pre-configured.
2. Collect a password.
3. Derive an encryption key from the password using the salt and cost factor.
4. Use it to encrypt a well-known string.
5. Store the cost, salt, and cipher text. Because these three elements have a known length, it’s easy to concatenate them and store them …

Where does Internet Explorer store saved passwords?

I found the answer. IE stores passwords in two different locations based on the password type:

- Http-Auth: %APPDATA%\Microsoft\Credentials, in encrypted files
- Form-based: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2, encrypted with the url

From a very good page on NirSoft.com:

    Starting from version 7.0 of Internet Explorer, Microsoft completely changed the way that passwords are saved. In previous versions (4.0 …