
WordPress Security Seminar - Stefanos Grammenos - Introduction to WordPress security


WordPress Greek Community

April 16, 2016



Transcript

  1. WordPress Security 101
     Stefanos Grammenos
     An intro to information security, with emphasis on WordPress security
  2. Myxomatosis ("myxo" or "myxy")
     The disease is spread by direct contact with an affected animal or by being bitten by fleas or mosquitoes that have fed on an infected rabbit. Myxomatosis can be physically carried on an insect's mouthparts, e.g. from an infected rabbit to another susceptible animal.
  3. COMPUTER SYSTEMS SECURITY
     • Security in cyberspace means ensuring the uninterrupted operation of IT and communications infrastructure, and protecting that operation from failure of the technology or from malicious use of it.
     • Security of sensitive information that exists in digital form.
     • Cyberspace security incident response teams.
  4. COMPUTER SYSTEMS SECURITY
     • Computer Emergency Response Team (CERT)
     • Computer Security Incident Response Team (CSIRT)
     • Critical Information Infrastructure Protection (CIIP)
     • 250 organisations use the term CERT
     • Morris Worm (1988): CERT Coordination Center (CERT-CC), Carnegie Mellon University
  5. COMPUTER SYSTEMS SECURITY: risk analysis, factors
     • INTERNAL FACTORS: insider threats from employees; internal infrastructure
     • EXTERNAL FACTORS: hackers, malware, misuse, natural disasters
     • THIRD PARTIES: partners...
  6. COMPUTER SYSTEMS SECURITY: its enormous importance to human society
     • A computer does not necessarily mean a desktop.
     • Networks, mobility, external devices, cloud computing, telecommunications, space etc. (connectivity, ΔΕ ΠΣ)
     • Small businesses are pushed towards using information systems.
     • Rapid growth of technology.
  7. COMPUTER SYSTEMS SECURITY: its enormous importance to human society
     • Sensitive medical data
     • Air traffic control
     • Military data
     • Personal data
  8. COMPUTER SYSTEMS SECURITY: its enormous importance to human society
     • Security of systems, applications, media and infrastructure (+ physical security).
     • Protection of the integrity and availability of information.
     • Protection of personal data being processed and stored.
     • Ensuring non-repudiation of actions.
     • Identification and authentication.
     • Ensuring the availability of all systems.
     https://www.owasp.org/index.php/About_OWASP#Core_Purpose
  9. COMPUTER SYSTEMS SECURITY: prerequisites
     INTEGRITY, AVAILABILITY, CONFIDENTIALITY, user authentication
     • Integrity: preventing changes to our data by unauthorised users.
     • Availability: ensuring that data and computing systems are available whenever they are requested, whenever they are required. (*the Slashdot effect, not DDoS)
     • Confidentiality: our information must not be disclosed to unauthorised persons. (digital theft)
 10. The Information Security triad: CIA (second version). Confidentiality, Integrity and Availability.
     Reference: https://commons.wikimedia.org/wiki/File:CIAJMK1209.png
     {WHO, WHAT, WHEN, WHERE, WHY}
     COMPUTER SYSTEMS SECURITY
 11. Information Security
     No single solution will solve the problem of advanced threats or common threats. Advanced attackers have the advantage: they need just one vulnerability to exploit your system, while you must protect every system and every vector.
     • Advanced detection
     • Response capabilities
     • Investigative capabilities
     • Real-time threat intelligence
 12. WordPress Security
     Site developers and administrators should pay particular attention to the correct use of core APIs and to the underlying server configuration, which have been the source of common vulnerabilities.
     The WordPress security team: 25 experts, including lead developers and security researchers; it collaborates with other security teams and works to identify and resolve security issues in the core software, themes and plugins. Contact: [email protected]
     Automatic background updates for security (minor) releases, e.g. 3.7.2, 3.7.3, 3.7.4: keeping this functionality enabled is strongly recommended by the core team. Major releases (3.4 to 3.5, 3.5 to 3.6) are not applied automatically by default; to opt in:
        // wp-config.php: also apply major core releases automatically
        define( 'WP_AUTO_UPDATE_CORE', true );
        // in a plugin or mu-plugin (add_filter() is not yet defined while wp-config.php runs)
        add_filter( 'auto_update_plugin', '__return_true' );
        add_filter( 'auto_update_theme', '__return_true' );
 13. WordPress Security
     https://www.owasp.org/images/6/67/OWASPApplicationSecurityVerificationStandard3.0.pdf
     OWASP Top 10 (2013):
     A1 Injection
     A2 Broken Authentication and Session Management
     A3 Cross-Site Scripting (XSS)
     A4 Insecure Direct Object References
     A5 Security Misconfiguration
     A6 Sensitive Data Exposure
     A7 Missing Function Level Access Control
     A8 Cross-Site Request Forgery (CSRF)
     A9 Using Components with Known Vulnerabilities
     A10 Unvalidated Redirects and Forwards
     These are the most common security mistakes developers make, together with how to correct them.
 14. WordPress Security: why hackers hack
     • For fun
     • To steal information (leakage)
     • Money
     • Website vandalism
     • To disrupt (DDoS)
     • To spam
     • To turn you into a bot client
     • Practice
     • Activism
     • To promote their own website
 15. WordPress Security: A1 Injection
     Untrusted data is concatenated into the query text:
        String query = "SELECT * FROM accounts WHERE custID= '" + request.getParameter("id") + "'";
     The attacker supplies the parameter value himself:
        http://wp101-01.gr/accountView?id=' or '1'='1
     These are text-based attacks. Your website can be hacked in a minute.
 16. WordPress Security
     SQL injection is a type of security exploit in which the attacker adds Structured Query Language (SQL) code to a web form input (or any other request parameter) to gain access to resources or make changes to data. An SQL query is a request for some action to be performed on a database. If attackers are able to send their own instructions to your database and the database executes them, then you are vulnerable to SQL injection.
 17. WordPress Security
     About 60% of web applications that use dynamic content are said to be vulnerable to SQL injection (figure as given on the slide, no source cited). Automated tools find and exploit it.
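Added example, not part of the seminar deck: the slide's string-built query rewritten in PHP beside a parameterised version, run against an in-memory SQLite table with three constructed rows. It assumes the pdo_sqlite extension is available; in WordPress the equivalent of the prepared statement is `$wpdb->prepare( "... WHERE custID = %s", $id )`.

```php
<?php
// Added example (not from the seminar): vulnerable vs. parameterised lookup.
// Assumes the pdo_sqlite extension.

function make_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE accounts (custID TEXT PRIMARY KEY, balance INTEGER)');
    // Constructed sample rows.
    $db->exec("INSERT INTO accounts VALUES ('1001', 50), ('1002', 75), ('1003', 900)");
    return $db;
}

// Vulnerable: the untrusted value becomes part of the SQL text, exactly like
// the Java snippet on the slide. The resulting statement for the slide's
// payload is  SELECT * FROM accounts WHERE custID = '' OR '1'='1'
function account_view_vulnerable(PDO $db, string $id): array {
    $sql = "SELECT * FROM accounts WHERE custID = '" . $id . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: the value travels as a bound parameter and can never change the
// shape of the statement, whatever quotes or keywords it contains.
function account_view_safe(PDO $db, string $id): array {
    $stmt = $db->prepare('SELECT * FROM accounts WHERE custID = ?');
    $stmt->execute([$id]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = make_db();
$payload = "' OR '1'='1";   // the slide's ?id=' or '1'='1 payload

printf("vulnerable, payload : %d rows\n", count(account_view_vulnerable($db, $payload)));
printf("prepared,   payload : %d rows\n", count(account_view_safe($db, $payload)));
printf("prepared,   id 1002 : %d rows\n", count(account_view_safe($db, '1002')));
```

The vulnerable function returns every account for the payload (the `OR '1'='1'` is always true), the prepared one returns no rows because it looks for a customer literally named `' OR '1'='1`, and a real id still returns its single row. Escaping alone (`addslashes`, `esc_sql` without `prepare`) is not a substitute: bind parameters, or use `$wpdb->prepare()` with `%s`/`%d` placeholders, for every value that comes from a request.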
 18. WordPress Security: A2 Broken Authentication and Session Management
     A session ID is used to identify a user who has logged into a website ("message exchange"); it is issued to the user on the first visit to the site and sent back with every request.
     An attacker uses session hijacking: taking over a web user's session by surreptitiously obtaining the session ID (sniffing it on an unencrypted connection, stealing it through XSS, or predicting it when IDs are weak) and masquerading as the authorised user. Once the attacker holds the session ID, he can do anything that user is authorised to do on the site. (This is HTTP session hijacking; TCP session hijacking is the transport-layer analogue and is a different attack.)
 19. WordPress Security: A3 Cross-Site Scripting (XSS)
     1. Stored XSS (a.k.a. Persistent or Type I)
     2. Reflected XSS (a.k.a. Non-Persistent or Type II)
     3. DOM-based XSS (a.k.a. Type 0)
 20. WordPress Security
     Stored XSS occurs when a web application gathers input from a user, which might be malicious, and stores that input in a data store for later use. The malicious payload is stored in the database and runs in the browser of everyone who views it. Stored XSS does not need a malicious link to be exploited.
 21. WordPress Security
     Reflected cross-site scripting (XSS) occurs when an attacker injects browser-executable code into a single HTTP response. The injected attack is not stored within the application itself; it is non-persistent and only affects users who open a maliciously crafted link or third-party web page. Reflected XSS is the most frequent type of XSS found in the wild. Reflected XSS attacks are also known as non-persistent XSS attacks.
     - The payload is embedded in the URL.
     - The victim visits the malicious URL and gets exploited.
        <script>alert(123)</script>
 22. WordPress Security
     DOM-based XSS, or "type 0 XSS": the payload is executed by modifying the Document Object Model (DOM) environment in the victim's browser, by client-side script, without the server necessarily ever seeing it. It can be persistent or non-persistent.
     The document and related objects allow access to the contents of the page, modification of elements etc. Most interaction with HTML is handled here.
     https://github.com/Vereyon/HtmlRuleSanitizer
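Added example, not from the seminar: a comment-rendering snippet that echoes stored input raw, beside one that escapes on output, fed the slide's `<script>alert(123)</script>` payload. It is plain PHP so it runs stand-alone; in WordPress the same job is done by `esc_html()`, `esc_attr()` and `esc_url()`, and by `wp_kses_post()` when some HTML must be allowed.

```php
<?php
// Added example (not from the seminar): escaping on output, per context.

// Constructed stored comment carrying the slide's payload.
$stored_comment = '<script>alert(123)</script> nice post!';

// Vulnerable: whatever was stored (or arrived in the URL, for reflected XSS)
// is written into the page as markup and the script runs for every viewer.
function render_vulnerable(string $comment): string {
    return "<p class=\"comment\">{$comment}</p>";
}

// Hardened for element-body context: every <, >, &, " and ' becomes an entity,
// so the browser shows the text and never parses it as a tag.
function render_safe(string $comment): string {
    $escaped = htmlspecialchars($comment, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return "<p class=\"comment\">{$escaped}</p>";
}

// Attribute context: the attribute must be quoted AND the value escaped.
// With ENT_QUOTES a " in the input becomes &quot; and cannot close the attribute.
function render_attr_safe(string $title): string {
    $escaped = htmlspecialchars($title, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return "<a href=\"/post\" title=\"{$escaped}\">link</a>";
}

// URL context is different again: escaping characters does not stop a
// javascript: scheme, so the scheme itself has to be checked.
function render_link_safe(string $url): string {
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if ($scheme !== '' && !in_array($scheme, ['http', 'https'], true)) {
        $url = '#';   // refuse javascript:, data:, vbscript: ...
    }
    return '<a href="' . htmlspecialchars($url, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '">site</a>';
}

echo render_vulnerable($stored_comment), PHP_EOL;
echo render_safe($stored_comment), PHP_EOL;
echo render_attr_safe('x" onmouseover="alert(1)'), PHP_EOL;
echo render_link_safe('javascript:alert(document.cookie)'), PHP_EOL;
```

The rule the three safe functions share is "escape at the point of output, for the context you are outputting into"; sanitising on input (stripping tags when the comment is saved) is a useful second layer but not a replacement, because the same stored string may later be placed in an attribute, a URL or a JavaScript literal, each needing different treatment.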
 23. WordPress Security: Security Misconfiguration
     Am I vulnerable to security misconfiguration?
     - Is your application missing the proper security hardening across any part of the application stack?
     - Is any of your software out of date? This includes the OS, web/app server, DBMS, applications, and all code libraries.
     - Are any unnecessary features enabled or installed (e.g. ports, services, pages, accounts, privileges)?
     - Are default accounts and their passwords still enabled and unchanged?
     - Does your error handling reveal stack traces or other overly informative error messages to users?
     - Are the security settings in your development frameworks and libraries (plugins, themes) not set to secure values?
     If so, your systems are at higher risk. As a site administrator you should take action to eliminate those risks.
 24. WordPress Security: Sensitive Data Exposure
     Determine which data is sensitive.
     - Is any of this data stored in clear text long term, including backups of this data?
     - Is any of this data transmitted in clear text, internally or externally?
     - Are any old or weak cryptographic algorithms used?
     - Are weak crypto keys generated?
     - Are any browser security directives or headers missing when sensitive data is provided by, or sent to, the browser?
     Example attack scenario: a site simply does not use SSL/TLS for all authenticated pages. The attacker monitors network traffic (on an open wireless network) and steals the user's session cookie. The attacker then replays this cookie, hijacks the user's session and accesses the user's private data.
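Added example covering slides 18 and 24, not part of the deck: session cookie hardening plus ID regeneration at login, which is what stops the open-Wi-Fi cookie theft and the pre-set-session-ID variants of hijacking. It is plain PHP (assumes PHP 7.3 or later for the array form of `session_set_cookie_params()`, and a site served over HTTPS). WordPress does not use PHP sessions for login; its own auth cookies get the equivalent protection from serving the site over HTTPS and setting `define( 'FORCE_SSL_ADMIN', true );` in wp-config.php.

```php
<?php
// Added example (not from the seminar): hardened PHP session handling.
// Assumes PHP >= 7.3 and HTTPS. Call start_hardened_session() on every request
// before any output.

function start_hardened_session(): void {
    session_set_cookie_params([
        'lifetime' => 0,       // session cookie, dropped when the browser closes
        'path'     => '/',
        'domain'   => '',      // current host only
        'secure'   => true,    // never sent over plain HTTP (the slide's open-Wi-Fi scenario)
        'httponly' => true,    // not readable from JavaScript, so XSS cannot simply read it
        'samesite' => 'Lax',   // not attached to most cross-site requests
    ]);
    ini_set('session.use_strict_mode', '1');   // reject IDs the server did not issue (fixation)
    ini_set('session.use_only_cookies', '1');  // no ?PHPSESSID=... in URLs, referrers or logs
    session_start();
}

// On successful authentication swap the ID, so an ID an attacker planted or
// sniffed before login is not the one that now carries the privileges.
function login_user(int $user_id): void {
    session_regenerate_id(true);   // true = discard the old session data
    $_SESSION['user_id']  = $user_id;
    $_SESSION['login_at'] = time();
}

// Deployment check: the flags the slide's scenario depends on are all set.
function cookie_flags_ok(): bool {
    $p = session_get_cookie_params();
    return $p['secure'] && $p['httponly'] && strcasecmp($p['samesite'], 'Lax') === 0;
}

start_hardened_session();
$before = session_id();
login_user(42);
printf("session id changed at login: %s\n", $before !== session_id() ? 'yes' : 'no');
printf("cookie flags: %s\n", cookie_flags_ok() ? 'ok' : 'WEAK');
```

Two of these flags do nothing on their own: `secure` only helps if the login page itself is never served over HTTP (otherwise the form posts the password in clear, which is worse than losing the cookie), and `httponly` only blunts one consequence of XSS, it does not fix the XSS. Add `Strict-Transport-Security` at the web server so browsers refuse the plain-HTTP connection in the first place.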
 25. WordPress Security: Missing Function Level Access Control
     An attacker can simply change the URL or a parameter to reach unauthorised functionality. Always test actions and URLs while logged into an account with limited permissions, and verify that what this account has access to is correct.
     Unprotected website directories: Google search can crawl unwanted URLs and expose them to hackers.
        User-agent: *
        Disallow: /feed/
        Disallow: /trackback/
        Disallow: /wp-admin/
        Disallow: /wp-content/
        Disallow: /wp-includes/
        Disallow: /xmlrpc.php
        Disallow: /wp-
     Note that robots.txt only asks well-behaved crawlers to stay away, and it is itself public, so it also tells an attacker where the interesting paths are. It is not access control: the protection for wp-admin/ is the login itself (plus HTTPS and rate limiting), directory listing should be disabled at the web server (Options -Indexes on Apache), and files that must not be served should live outside the web root.
 26. WordPress Security: Cross-Site Request Forgery (CSRF), or One-Click Attack
     CSRF occurs when an attacker can create a link (or a hidden form) and get a site administrator, or someone else with privileged access, to open it, which causes the site to take an action on that person's behalf. For example, if an attacker could craft a link that, when clicked by a site admin, created a new "admin" user with a password the attacker knows, that would be a CSRF attack. The attacker would then only need to find a way to fool the site admin into clicking it.
     Social engineering --> link sent to the victim --> the attacker tricks the users of a web application into executing actions of the attacker's choosing.
 27. WordPress Security: Cross-Site Request Forgery (CSRF), or One-Click Attack
     The victim's browser transmits unauthorised commands, carrying the credentials of a user the website trusts (e.g. logged in as admin). If the victim is an administrative account, CSRF can compromise the entire web application.
     Credit: https://www.blackhat.com
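Added example, not from the seminar: the per-session anti-CSRF token pattern in plain PHP, with a simulated "create user" handler that rejects the forged request from the slide's scenario and accepts the genuine form post. WordPress ships this pattern as `wp_nonce_field()` / `wp_verify_nonce()` / `check_admin_referer()` (and `check_ajax_referer()` for AJAX); plugin code that skips them is what the "create an admin via a link" attack relies on. The handler and the session array are constructed for the demo.

```php
<?php
// Added example (not from the seminar): CSRF token issue, embed and verify.
// $session stands in for $_SESSION so the script runs stand-alone.

function csrf_token(array &$session): string {
    if (empty($session['csrf'])) {
        $session['csrf'] = bin2hex(random_bytes(32));   // 256 bits from the CSPRNG
    }
    return $session['csrf'];
}

// Hidden field to put inside every state-changing form.
function csrf_field(array &$session): string {
    $t = htmlspecialchars(csrf_token($session), ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="_csrf" value="' . $t . '">';
}

// hash_equals() compares in constant time, so an attacker cannot learn how
// many leading bytes matched from response timing.
function csrf_valid(array $session, array $post): bool {
    return isset($session['csrf'], $post['_csrf'])
        && is_string($post['_csrf'])
        && hash_equals($session['csrf'], $post['_csrf']);
}

// Simulated admin action. Only a POST that carries the session's own token may
// create a user. A page on another origin can make the admin's browser send
// the request (with the admin's cookies), but it cannot read or guess the token.
function handle_create_user(array $session, array $post, string $method): string {
    if ($method !== 'POST') {
        return 'rejected: state changes are not accepted over GET';
    }
    if (!csrf_valid($session, $post)) {
        return 'rejected: missing or wrong CSRF token';
    }
    // ... capability check (current_user_can('create_users')) and the real work ...
    return 'created user ' . $post['user_login'];
}

// Constructed walk-through.
$session = [];
echo csrf_field($session), PHP_EOL;                       // rendered into the legitimate form

$forged = ['user_login' => 'evil', 'user_pass' => 'known'];   // attacker's auto-submitting form
echo handle_create_user($session, $forged, 'POST'), PHP_EOL;
echo handle_create_user($session, $forged, 'GET'), PHP_EOL;   // the "one click" link variant

$legit = $forged + ['_csrf' => csrf_token($session)];         // the admin's own form submission
echo handle_create_user($session, $legit, 'POST'), PHP_EOL;
```

Two things the token does not replace: the capability check (a valid token proves the request came from the site's own form, not that the user is allowed to do the action), and the `SameSite` cookie attribute, which is a second, browser-side layer against the same attack.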
 28. WordPress Security: Top 10 2013, A9 Using Components with Known Vulnerabilities
     - You are exposed if you use any vulnerable component or library.
     - Not all vulnerabilities are reported to a central clearinghouse. Stay up to date: http://cve.mitre.org/ and https://nvd.nist.gov/home.cfm
     Component vulnerabilities can cause almost any type of risk.
     Ways to protect: write your own? Hmm, not realistic. So: the vendor fixes the problem in the next version, and upgrading to those new versions is critical.
     The following two vulnerable components were downloaded 22 million times in 2011:
     - Apache CXF authentication bypass (services framework)
     - Spring remote code execution (allowed attackers to execute arbitrary code, effectively taking over the server)
 29. WordPress Security: Unvalidated Redirects and Forwards
     A common bug: forgetting to terminate script execution after issuing a redirect. The Location header is sent, but PHP keeps running and the protected code executes anyway.
        <?php
        if ($_SESSION['user_logged_in'] !== true) {
            header('Location: /login.php');
        }
        oooops_forgotten_important_functionality_here();   // still runs for anonymous users
     Credit: https://www.blackhat.com
     Fix:
        <?php
        if ($_SESSION['user_logged_in'] !== true) {
            header('Location: /login.php');
            exit();
        }
     XSS attack in the NextGen Gallery WordPress plugin.
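Added example, not from the seminar: the other half of A10, validating a user-supplied `redirect_to` so the login page cannot be used as an open redirect to a phishing site. WordPress provides `wp_safe_redirect()` and `wp_validate_redirect()` for exactly this; the function below reproduces the idea stand-alone and assumes the site is hosted at wp101-01.gr, the host used on the slides.

```php
<?php
// Added example (not from the seminar): allow-listing a redirect target.
// Assumes the site host below; everything else is rejected in favour of a fallback.

const SITE_HOST = 'wp101-01.gr';

function safe_redirect_target(?string $target, string $fallback = '/'): string {
    if ($target === null || $target === '') {
        return $fallback;
    }
    // CR/LF or other control characters: header injection attempt.
    if (preg_match('/[\x00-\x1F\x7F]/', $target)) {
        return $fallback;
    }
    // "//evil.example" is protocol-relative and "/\evil.example" is treated the
    // same way by some browsers; both look like local paths to naive checks.
    if (preg_match('#^/[/\\\\]#', $target)) {
        return $fallback;
    }
    $parts = parse_url($target);
    if ($parts === false) {
        return $fallback;
    }
    if (isset($parts['scheme']) && !in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return $fallback;   // javascript:, data:, ...
    }
    if (isset($parts['host']) && strcasecmp($parts['host'], SITE_HOST) !== 0) {
        return $fallback;   // another site, including "https://wp101-01.gr@evil.example/"
    }
    return $target;
}

// Send the user on and stop: the exit() is the fix from the slide.
function redirect_and_exit(string $target): void {
    header('Location: ' . safe_redirect_target($target), true, 302);
    exit();
}

// Constructed inputs, as they might arrive in ?redirect_to=
$inputs = [
    '/wp-admin/',
    'https://wp101-01.gr/wp-admin/post.php?post=1',
    'https://evil.example/phish',
    'https://wp101-01.gr@evil.example/',
    '//evil.example/phish',
    'javascript:alert(1)',
    "/ok\r\nSet-Cookie: x=1",
];
foreach ($inputs as $t) {
    printf("%-45s -> %s\n", addcslashes($t, "\r\n"), safe_redirect_target($t));
}
```

Only the first two inputs survive; the rest fall back to `/`. Note the order of checks: the control-character and `//` tests run before `parse_url()`, because `parse_url()` is lenient about inputs that browsers interpret differently.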
 30. WordPress Security: attacks on WordPress
     - Brute-force attacks (dictionary attacks)
     - XSS
     - SQL injection
     - RCE
     - PHP vulnerabilities
     Recent core vulnerabilities (wpvulndb.com/):
     - 2016-02-02 WordPress 3.7-4.4.1 - Local URIs Server Side Request Forgery (SSRF)
     - 2016-02-02 WordPress 3.7-4.4.1 - Open Redirect
     - 2016-01-06 WordPress 3.7-4.4 - Authenticated Cross-Site Scripting (XSS)
     - 2015-09-15 WordPress <= 4.3 - Authenticated Shortcode Tags Cross-Site Scripting (XSS)
     - 2015-09-15 WordPress <= 4.3 - User List Table Cross-Site Scripting (XSS)
     - 2015-09-15 WordPress <= 4.3 - Publish Post and Mark as Sticky Permission Issue
     - 2015-08-05 WordPress <= 4.2.3 - Timing Side Channel Attack
     © The WPScan Team.
 31. WordPress Security: attacks on WordPress, side-channel attacks
     In cryptography, a timing attack is a side-channel attack in which the attacker attempts to compromise a cryptosystem by analysing the time taken to execute cryptographic algorithms. Information can leak from a system through measurement of the time it takes to respond to certain queries (for example, a byte-by-byte string comparison that stops at the first mismatch leaks how many leading bytes of a token were right). Electromagnetic leaks or sound can provide an extra source of information that can be exploited to break the system.
 32. WordPress Security: WordPress plugin vulnerabilities (wpvulndb.com/)
     - ocim-mp3 2016-03-29 Ocim MP3 Plugin - Unauthenticated Reflected Cross-Site Sc...
     - multi-meta-box 2016-04-12 WP Multiple Meta Box 1.0 - Authenticated Blind SQL Injection
     - monarch 2016-02-18 ElegantThemes - Privilege Escalation
     - bloom 2016-02-18 ElegantThemes - Privilege Escalation
     - wp-ultimate-exporter 2016-03-03 WP Ultimate Exporter 1.0.0 - Reflected Cross-Site Scripti...
     - wp-ultimate-exporter 2016-03-13 WP Ultimate Exporter <= 1.1 - Unauthenticated SQL Injection
     - import-woocommerce 2016-02-24 Import Woocommerce <= 1.0.1 - Reflected Cross-Site Script...
     - csv-import 2016-02-23 CSV Import 1.0 - Reflected Cross-Site Scripting (XSS)
     - instalinker 2016-02-07 InstaLinker <= 1.1.1 - Reflected Cross-Site Scripting (XSS)
     - js_composer 2015-10-11 Visual Composer <= 4.7.3 - Multiple Unspecified Cross-Sit...
     - royal-slider 2015-09-13 Royal Slider <= 3.2.6 - Authenticated Cross-Site Scriptin...
     - wp-cerber 2016-04-01 Cerber Limit Login Attempts <= 2.0.1.6 - Unauthenticated ...
     - simple-support-ticket-system 2015-10-07 Support Ticket System 1.2 - remote SQL injection
     - resads 2015-10-05 ResAds <= 1.0.1 - Reflected Cross-Site Scripting (XSS)
     - watupro 2015-09-01 Watu PRO <= 4.8.8.4 - Cross-Site Request Forgery (CSRF)
     - car-rental-system 2015-08-26 Car Rental System <= 3.0 - SQL Injection
     - wp-limit-login-attempts 2015-09-09 WP Limit Login Attempts <= 2.0.0 - Unauthenticated SQL In...
     - wp-advance-comment 2016-03-13 WP Advanced Comment <= 0.10 - Stored Cross-Site Scripting...
     - mdc-private-message 2015-08-22 MDC Private Message <= 1.0.0 - Authenticated Stored Cross...
     - payment-form-for-paypal-pro 2015-10-11 Payment Form for PayPal Pro <= 1.0.1 - Multiple Reflected...
     - hide_my_wp 2015-07-29 Hide My WP <= 4.51.1 - Stored Cross-Site Scripting (XSS)
     - hide_my_wp 2015-08-13 Hide My WP <= 4.53 - Stored Cross-Site Scripting (XSS)
     - robo-gallery 2016-04-12 Robo Gallery <= 2.0.14 - Remote Code Execution
     - 3bubble-amazon-s3-html-5-vi... 2015-07-08 S3Bubble Cloud Video With Adverts & Analytics <= 0.7 - Ar...
     - robotcpa 2015-06-11 RobotCPA Plugin V5 - Local File Inclusion
     - portfolio-by-lisa-westlund 2015-07-21 Portfolio 1.0 - Cross-Site Request Forgery (CSRF)
     - imdb-widget 2016-03-30 IMDb Profile Widget <= 1.0.8 - Local File Inclusion (LFI)
     - dzs-zoomsounds 2015-06-01 ZoomSounds <= 2.0 - Remote File Upload
     - securemoz-security-audit 2015-09-09 SecureMoz Security Audit <= 1.0.5 - MitM PHP Object Injec...
     - wp-backup-plus 2015-05-22 WP Backup Plus - Backup Disclosure Vulnerability
     - wp-membership 2015-05-21 WP Membership <= 1.2.3 - Multiple Vulnerabilities
     - wps-hide-login 2015-05-27 WPS Hide Login 1.0 - CSRF
 33. WordPress Security: WordPress plugin vulnerabilities (wpvulndb.com/)
     - wp-rollback 2015-06-28 WP Rollback <= 1.2.2 - Cross-Site Scripting (XSS) & CSRF
     - unite-gallery-lite 2015-07-25 Unite Gallery Lite <= 1.4.6 - CSRF & Authenticated SQL In...
     - sourceafrica 2015-09-02 sourceAFRICA <= 0.1.3 - Unauthenticated Cross-Site Script...
     - optinmonster 2016-03-22 OptinMonster <= 1.1.4.5 - Execution of Arbitrary Shortcodes
     - showbizpro 2015-05-03 WordPress Showbiz Pro Shell Upload
     - wwc-amz-aff 2015-04-26 WooCommerce Amazon Affiliates - Arbitrary File Upload
     - premium-seo-pack 2015-04-24 Premium SEO Pack 1.8.0 - Unauthenticated Arbitrary File Up...
     - wordpress-seo-premium 2015-04-20 WordPress SEO by Yoast <= 2.0.1 - Cross-Site Scripting (XSS)
     - fusion-engage 2015-04-13 Fusion Engage 1.0.5 - Local File Disclosure
     - mklasens-photobox 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
     - wp-business-intelligence 2015-04-01 WP Business Intelligence Lite <= 1.6.1 - SQL Injection
     - ajax-search-pro 2015-03-21 Ajax Search Pro - Authenticated RCE
     - wp-business-directory 2015-05-14 Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scri...
     - image-export 2015-07-14 Image Export <= 1.1.0 - Directory Traversal
     - gravityforms 2015-03-02 Gravity Forms <= 1.8.19 - Arbitrary File Upload
     - gravityforms 2015-03-17 Gravity Forms 1.8 <= 1.9.3.5 - Authenticated Blind SQL In...
     - gravityforms 2015-04-20 Gravity Forms <= 1.9.6 - Cross-Site Scripting (XSS)
     - gravityforms 2016-03-01 Gravity Forms <= 1.9.15.11 - Authenticated Reflected Cro...
     - ptengine-real-time-web-anal... 2015-04-01 Ptengine <= 1.0.1 - Reflected Cross-Site Scripting (XSS)
     - google-map-wp 2015-11-24 Huge IT Google Map <= 2.2.5 - Authenticated SQL Injection
     - wp-all-import-pro 2015-02-26 WP All Import Pro <= 4.1.0 - RCE
     - wp-all-import-pro 2015-03-17 WP All Import Pro <= 4.1.1 - Multiple Vulnerabilities
     - syndication-links 2015-05-13 Syndication Links <= 1.0.2 - DOM Cross-Site Scripting (XSS)
     - give 2015-04-20 Give - Cross-Site Scripting (XSS)
     - ez-portfolio 2015-03-03 EZ Portfolio <= 1.0.1 - Multiple Cross-Site Scripting (XSS)
     - contact-form-generator 2015-09-08 Contact Form Generator <= 2.0.1 - Multiple Cross-Site Req...
     - wonderplugin-audio 2015-02-19 WonderPlugin Audio Player 2.0 Blind SQL Injection and XSS
     - wp-easy-poll-afo 2015-12-11 WP Easy Poll <= 1.1.3 - Cross-Site Scripting (XSS) & CSRF
     - indieweb-post-kinds 2015-05-13 Indieweb Post Kinds <= 1.3.1 - DOM Cross-Site Scripting (...
     - hero-maps-pro 2016-04-14 Hero Maps Pro <= 2.1.0 - Unauthenticated Reflected Cross-...
     - content-grabber 2015-08-05 Content Grabber 1.0 - Cross-Site Scripting (XSS)
     - wp-plotly 2015-07-14 Plotly <= 1.0.2 - Authenticated Stored Cross-Site Scripti...
     - encrypted-contact-form 2015-05-15 Encrypted Contact Form <= 1.0.4 - CSRF & XSS
     - aspose-cloud-ebook-generator 2015-03-27 Aspose Cloud eBook Generator - File Download
     (44 pages of results)
 34. WordPress Security: WordPress plugins
     Without defence in depth, one WordPress plugin security issue can become a cyber-security nightmare: a plugin runs with the full privileges of the WordPress process, so a flaw in a gallery widget is a flaw in the whole site.
 35. WordPress Security
     http://codex.wordpress.org/Hardening_WordPress
     A brute-force attack is an automated process carried out with a program (hands-on or fully automated). It tries to guess your password by working through lists of words, symbols and numbers (wordlists). The attacker will try to compromise your website by brute-forcing wp-login.php (and xmlrpc.php, which also accepts credentials and lets many guesses be batched into one request via system.multicall).
 36. WordPress Security
     Ensure that all your WordPress users use strong passwords and change them when there is reason to believe they are compromised.
     The top 10 programmers' passwords:
     root, qwerty, postgres, redhat, mysql, apache, 123456789, oracle, 123456qwerty, backup
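Added example, not from the seminar: a failed-login throttle keyed by client address and username with exponential lock-out, run against a constructed dictionary attack on the admin account. It is plain PHP with an in-memory store (assumes PHP 8.0 or later); in WordPress the store would be `set_transient()`/`get_transient()`, failures would be recorded from the `wp_login_failed` action, and the lock enforced in the `authenticate` filter. The policy numbers (5 attempts per 15 minutes, then 15-minute locks that double) are assumptions.

```php
<?php
// Added example (not from the seminar): login throttling with back-off.
// Assumes PHP >= 8.0. Policy values are illustrative.

final class LoginThrottle {
    /** @var array<string, array{fails:int, first:int, locked_until:int, lockouts:int}> */
    private array $store = [];

    public function __construct(
        private int $maxFails = 5,     // free attempts per window
        private int $window   = 900,   // seconds in which those attempts are counted
        private int $baseLock = 900    // first lock-out length; doubles each time
    ) {}

    // Key on both address and account, so one attacker cannot lock out a user
    // from everywhere, and one user's typos do not lock out a whole office NAT.
    private function key(string $ip, string $user): string {
        return hash('sha256', strtolower($user) . '|' . $ip);
    }

    public function is_locked(string $ip, string $user, int $now): bool {
        $e = $this->store[$this->key($ip, $user)] ?? null;
        return $e !== null && $e['locked_until'] > $now;
    }

    public function record_failure(string $ip, string $user, int $now): void {
        $k = $this->key($ip, $user);
        $e = $this->store[$k] ?? ['fails' => 0, 'first' => $now, 'locked_until' => 0, 'lockouts' => 0];
        if ($now - $e['first'] > $this->window) {   // window expired: count afresh
            $e['fails'] = 0;
            $e['first'] = $now;
        }
        $e['fails']++;
        if ($e['fails'] >= $this->maxFails) {
            $e['lockouts']++;
            $e['locked_until'] = $now + $this->baseLock * (2 ** ($e['lockouts'] - 1));
            $e['fails'] = 0;
        }
        $this->store[$k] = $e;
    }

    public function record_success(string $ip, string $user): void {
        unset($this->store[$this->key($ip, $user)]);
    }
}

// Constructed dictionary attack against wp-login.php from one address; every
// guess is assumed wrong.
$t   = new LoginThrottle();
$now = 1_700_000_000;
foreach (['123456', 'qwerty', 'password', 'admin', 'letmein', 'welcome', 'root'] as $i => $guess) {
    $now += 2;
    $n = $i + 1;
    if ($t->is_locked('203.0.113.7', 'admin', $now)) {
        echo "attempt {$n} ({$guess}): blocked, account/IP locked\n";
        continue;
    }
    $t->record_failure('203.0.113.7', 'admin', $now);
    echo "attempt {$n} ({$guess}): wrong password\n";
}
```

The first five guesses are processed and the rest are refused. Two caveats a practitioner will hit immediately: behind a CDN or reverse proxy the address must come from the proxy's forwarded header (validated against the proxy's own address), or every visitor shares one key; and an attacker with many addresses sidesteps the per-IP part, so pair the throttle with two-factor authentication, and return the same error message for "wrong password" and "locked" so the lock itself does not confirm that the username exists.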
 37. WordPress Security
     http://codex.wordpress.org/Hardening_WordPress
     Remote code execution (RCE) occurs when an attacker is able to upload code to your website and execute it. When an attacker sends code to your web application and it is executed, granting the attacker access, they have exploited an RCE vulnerability.
     PHP object injection: a PHP application passes user input to unserialize(), so the attacker chooses which classes get instantiated and their magic methods (__wakeup, __destruct, __toString) run with attacker-controlled properties. The other classic route to code execution is an application that evaluates user input as PHP code (eval, preg_replace with /e, create_function).
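Added example, not from the seminar: PHP object injection through `unserialize()` on an attacker-controlled cookie, beside the two standard fixes. The `TempFileCleaner` class and the `DemoLog` recorder are constructed for the demo; in a real attack the "gadget" is a class that already exists in the application or one of its plugins, typically something whose destructor writes, deletes or includes a file. The destructor here only records the path it would have deleted. Assumes PHP 7.3 or later.

```php
<?php
// Added example (not from the seminar): unserialize() gadget vs. the fixes.

// Constructed gadget. A real one would be any loaded class with a dangerous
// magic method; this one only logs what it would do.
class TempFileCleaner {
    public string $path;
    public function __construct(string $path) { $this->path = $path; }
    // Runs when the object is destroyed, including objects unserialize() built.
    public function __destruct() {
        DemoLog::$deleted[] = $this->path;
    }
}
final class DemoLog { public static array $deleted = []; }

// Vulnerable: a "preferences" cookie goes straight into unserialize().
function load_prefs_vulnerable(string $cookie) {
    return unserialize($cookie);
}

// Fix 1: refuse to instantiate any class. Objects come back as
// __PHP_Incomplete_Class and their magic methods never run.
function load_prefs_safer(string $cookie) {
    return unserialize($cookie, ['allowed_classes' => false]);
}

// Fix 2 (preferred): do not use PHP's native serialisation for untrusted data
// at all; JSON cannot describe objects with behaviour.
function load_prefs_safe(string $cookie): array {
    $v = json_decode($cookie, true, 8, JSON_THROW_ON_ERROR);
    return is_array($v) ? $v : [];
}

// Attacker-crafted cookie (constructed): a serialised TempFileCleaner whose
// path points at the site's configuration file.
$payload = 'O:15:"TempFileCleaner":1:{s:4:"path";s:13:"wp-config.php";}';

load_prefs_vulnerable($payload);            // object built, discarded, __destruct fires
printf("unserialize():             would delete [%s]\n", implode(',', DemoLog::$deleted));

DemoLog::$deleted = [];
$o = load_prefs_safer($payload);
printf("allowed_classes => false:  got %s\n", get_class($o));
unset($o);
printf("                           would delete [%s]\n", implode(',', DemoLog::$deleted));

try {
    load_prefs_safe($payload);
} catch (JsonException $e) {
    printf("json_decode():             rejected (%s)\n", $e->getMessage());
}
```

The first call records `wp-config.php` as deleted, the second reports an incomplete-class object and records nothing, and the third throws before any object exists. If native serialisation cannot be avoided (WordPress itself stores serialised arrays in options and meta), the data must never be attacker-writable, or must be authenticated with an HMAC that is verified with `hash_equals()` before `unserialize()` sees it.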
 38. WordPress Security
     Never trust user input data. Use layered security measures.
     https://html5sec.org/
 39. WordPress Security: Arbitrary File Upload vulnerability
     When an attacker finds an exploit in WordPress, the first thing he or she needs to do is escalate access. An arbitrary file upload lets the attacker put any file on the server, a PHP web shell included, and request it by name.
 40. Feeling more secure now, eh?
     Malicious binary code injected into an image file; buffer overflow attacks on the parsers of PDF, JPG, MP3 etc. Can your system and your WordPress website be compromised by opening a simple PDF?
     Intentional execution versus unintentional execution. WTF
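Added example covering slides 39 and 40, not from the seminar: accepting an upload only when the extension allow-list, the bytes actually on disk and a server-chosen filename all agree, with a constructed set of files that shows what each check catches and what it does not. Plain PHP, assumes the fileinfo extension; WordPress does the equivalent inside `wp_check_filetype_and_ext()` and `wp_handle_upload()`, and this is a stand-alone illustration, not their code. The 1x1 PNG is a constructed fixture.

```php
<?php
// Added example (not from the seminar): upload validation by content.
// Assumes the fileinfo extension.

const ALLOWED_TYPES = [          // extension => MIME type libmagic must report
    'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg',
    'png' => 'image/png',  'gif'  => 'image/gif',
    'pdf' => 'application/pdf',
];
const MAX_UPLOAD_BYTES = 5 * 1024 * 1024;

/** Returns the server-side filename to store under, or throws with the reason. */
function validate_upload(string $tmp_path, string $client_name): string {
    $size = is_file($tmp_path) ? filesize($tmp_path) : 0;
    if ($size === 0 || $size > MAX_UPLOAD_BYTES) {
        throw new RuntimeException('missing, empty or oversized file');
    }
    // 1. Extension: only the final one counts, lower-cased, against the allow-list.
    //    "shell.jpg.php" and "shell.phtml" fail here. "shell.php.png" passes and
    //    is only dangerous if the web server maps .php.png to PHP (mod_php with
    //    AddHandler does), which is why step 3 and the server config matter.
    $ext = strtolower(pathinfo($client_name, PATHINFO_EXTENSION));
    if (!isset(ALLOWED_TYPES[$ext])) {
        throw new RuntimeException("extension '{$ext}' not allowed");
    }
    // 2. Content: what libmagic sees on disk. $_FILES[...]['type'] is chosen by
    //    the client and is deliberately never consulted.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmp_path);
    if ($mime !== ALLOWED_TYPES[$ext]) {
        throw new RuntimeException("content looks like {$mime}, not " . ALLOWED_TYPES[$ext]);
    }
    // 3. Discard the client's name entirely: no path separators, no double
    //    extensions, no null bytes, nothing the attacker can later request by name.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed fixtures.
$png  = base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg==');
$php  = "<?php system(\$_GET['c']); ?>";
$cases = [
    'shell.php'      => $php,          // wrong extension
    'avatar.jpg'     => $php,          // image name, PHP bytes: libmagic says text/x-php
    'avatar.png'     => $png,          // genuine image
    'avatar.php.png' => $png . $php,   // polyglot: valid PNG with PHP appended, passes
];

$dir = sys_get_temp_dir() . '/upload-demo-' . getmypid();
mkdir($dir);
foreach ($cases as $name => $bytes) {
    $tmp = $dir . '/' . md5($name);
    file_put_contents($tmp, $bytes);
    try {
        printf("%-15s accepted, stored as %s\n", $name, validate_upload($tmp, $name));
    } catch (RuntimeException $e) {
        printf("%-15s rejected: %s\n", $name, $e->getMessage());
    }
    unlink($tmp);
}
rmdir($dir);
```

The last case is the point of slide 40: a file that really is a PNG, with PHP appended, passes every content check, because libmagic only looks at the signature. Content validation therefore has to be backed by the web server refusing to execute anything under the upload directory (a `php_flag engine off` / `<FilesMatch "\.php$">` deny rule in wp-content/uploads on Apache, or a location block in nginx that never passes it to PHP-FPM) and, where possible, by re-encoding images with GD or Imagick so appended bytes and metadata are dropped. None of this addresses the parser-side bugs the slide mentions (a crafted JPG or PDF that exploits the viewer): for those, keep the image and PDF libraries on the server updated, and treat the upload directory as hostile.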
 41. WordPress Security: use tools to check your installation
     • WPScan
     • OWASP WordPress Vulnerability Scanner Project
     • Burp Suite
     • Acunetix WVS
     • OWASP ZAP
     • Grendel-Scan
     • N-Stealth
     • Netsparker
     • Nexpose
     • Nikto
     • Wikto
     • ParosPro
     • Vega
     • Websecurify Suite
     • Xenotix XSS Exploit Framework
     ... and many more.