
posted by Fnord666 on Wednesday February 07 2018, @03:07PM
from the control-your-scripts dept.

Submitted via IRC for TheMightyBuzzard

As if there aren't enough ways to attack a WordPress site, an Israeli researcher has published details of how almost anyone can launch a denial of service (DoS) attack against almost any WordPress site with just one computer. That, he suggests, is almost 30% of all websites on the internet.

The attack uses the vulnerability associated with CVE-2018-6389. The CVE database, at the time of writing, has no details, marking it only as 'reserved' for future use. Details, however, can be found in a Barak Tawily blog post published Monday. It is an abuse of the WordPress load-scripts.php function, which exists to allow administrators/web designers to improve website performance by combining multiple JavaScript files into a single request at the server end.

[...] Tawily goes on to show that mitigation isn't really that difficult if you know what to do (which many WordPress users do not). He "forked WordPress project and patched it so no one but authenticated users can access the load-*.php files, without actually harming the wp-login.php file functionality." He goes further to provide a bash script that modifies the relevant files to mitigate the vulnerability.

Source: http://www.securityweek.com/one-computer-can-knock-almost-any-wordpress-site-offline
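A defender-side check to go with the summary above, added here and not taken from the SecurityWeek article or from Tawily's patch: it scans web-server access logs for load-scripts.php/load-styles.php requests that name an unusually large number of script handles, or that arrive in volume from a single client. The log lines, the thresholds and the handle names h0..h59 are constructed for the example.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Apache/nginx "combined" access-log line; only the fields the check needs are captured.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')
LOADER_RE = re.compile(r'/wp-admin/load-(scripts|styles)\.php$')

def _line(ip, path, query):
    """Build one constructed log line (sample data for this example, not real traffic)."""
    return f'{ip} - - [07/Feb/2018:15:07:00 +0000] "GET {path}?{query} HTTP/1.1" 200 1234 "-" "Mozilla/5.0"'

SAMPLE_LOG = [
    # ordinary wp-admin page loads: a handful of real WordPress handles per request
    _line("203.0.113.7", "/wp-admin/load-scripts.php", "c=1&load%5B%5D=jquery-core,jquery-migrate,utils&ver=4.9.2"),
    _line("203.0.113.7", "/wp-admin/load-styles.php", "c=0&load%5B%5D=dashicons,admin-bar&ver=4.9.2"),
    _line("203.0.113.7", "/wp-login.php", "redirect_to=%2Fwp-admin%2F"),  # not a loader request
    # one request naming 60 made-up handles (h0..h59), far more than wp-admin pages bundle
    _line("198.51.100.23", "/wp-admin/load-scripts.php", "load%5B%5D=" + ",".join(f"h{i}" for i in range(60))),
] + [
    # one client repeating a small loader request 25 times
    _line("192.0.2.99", "/wp-admin/load-scripts.php", "load%5B%5D=jquery-core,utils&ver=4.9.2") for _ in range(25)
]

def requested_handles(target):
    """Handles named by a load-*.php request (load[] decodes from load%5B%5D), or None for other URLs."""
    parts = urlsplit(target)
    if not LOADER_RE.search(parts.path):
        return None
    handles = []
    for value in parse_qs(parts.query).get("load[]", []):
        handles.extend(h for h in value.split(",") if h)
    return handles

def flag_requests(lines, max_handles=40, max_per_ip=20):
    """Return (oversized, noisy_ips): requests naming > max_handles handles, and IPs with > max_per_ip loader hits."""
    oversized, per_ip = [], Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "GET":
            continue
        handles = requested_handles(m["target"])
        if handles is None:
            continue
        per_ip[m["ip"]] += 1
        if len(handles) > max_handles:
            oversized.append((m["ip"], len(handles)))
    return oversized, sorted(ip for ip, n in per_ip.items() if n > max_per_ip)
```

Thresholds should be tuned against a site's own baseline; a normal wp-admin page requests a few dozen handles at most, and legitimate browsers cache the combined response rather than re-fetching it in a tight loop.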



  • (Score: 3, Interesting) by PiMuNu (3823) on Wednesday February 07 2018, @03:42PM (#634414)

    ... a colleague crashed our Outlook server by emailing a massively recursively zipped file to himself. The email server crashed while trying to check the file for viruses. Nowadays of course that would probably be called "hacking" and result in a few years in jail (maybe only if the zip file was sent to a TLA).

  • (Score: 4, Interesting) by rts008 (3001) on Wednesday February 07 2018, @05:17PM (#634436)

    ...a massively recursively zipped file...

    Ah yes, the old 'compression bomb' trick.

    I used to enjoy playing with these until one caused me to get a nasty letter from one of those 'let us probe your system for vulnerabilities' websites. (circa 1999-2000, IIRC)

    I had forgotten about a honeypot surprise on a storage drive the probing found, and triggered. They claimed it took them down, and offline for two days until back-ups could be restored. I was not impressed with their security, to have been affected by something like that.

    • (Score: 0) by Anonymous Coward on Wednesday February 07 2018, @06:25PM (#634482)

      We had three similar ones on our website for awhile in an attempt to slow people scanning. First was a Billion-Laughs XML file, second was a mess of files with tons of small iframes with their own iframes to 5 layers deep, and the third was a JavaScript file that would "deminify" into a massive dynamically generated file, which inserted all sorts of things into the DOM.

      • (Score: 4, Interesting) by FatPhil (863) on Wednesday February 07 2018, @07:21PM (#634502)

        Am I the only one who doesn't like the inefficiency of the billion laughs technique? Cost is 90+9L, usually that's a waste.
        I'm a proponent of 1162261467 laughs instead, in general, costing 57+19L, as often L<1, or the 1073741824 laughs attack, costing 60+15L, when L's 1.

        I guess I've lost almost everyone at this stage. I'll take my meds, I seem to be having a tern...
        --
        Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves