Vulnerability in /lib ! « WassUp Forums

WassUp Forums » WassUp Bug report

Vulnerability in /lib !

(3 posts) (3 voices)

Started 2 months ago by Perspective
Latest reply from RogerDue

Tags:

Perspective
Member

Guys.. it seems that you got a vulnerability in /lib folder... in my case it was in main.php if I remember well.
My website was hacked based on that.. exploited on one of the java script file that your programm has.

I lost everything on it.. and there was hard work.. believe me. i have to start all from 0 as far as I didn't have a backup (which is my f**cking fault).

After they injected the code I received the following error:

http://img685.imageshack.us/img685/3727/errorsite.jpg

You might have a look on the plugin codding again and fix it.
Personally I won't use wassup for my web-blog anymore.

Wanted to report it.. maybe's useful for you.

Cheers.

Posted 2 months ago #
helene
Moderator

This is a serious problem that we would like to fix ASAP, but your information is incomplete and the attached image/warning is not related to Wassup.

What versions of Wassup and wordpress were you running? Do you have any logs or messages that pinpoint Wassup as the source of the javascript vulnerability that you can show us? Did wassup record the exploit attempt and can you show us that raw record?

As an aside, I recommend that you add the plugin, 'Bad Behavior' (http://wordpress.org/extend/plugins/bad-behavior/) to your blog security regimen. It is a gatekeeper plugin that monitors request headers for suspicious code and can block javascript and SQL injection attempts before they reach your blog.

-Helene D.
http://www.techfromhel.com

Posted 2 months ago #
RogerDue
Member

Helene,
I would like to thank you for pointing out the "Bad Behavior" plugin!!! I installed it yesterday on 3 WP site, signed up for Project Honey Pot, & enabled http:BL. Within only a few hours the "Bad Behavior" plugin blocked traffic, some of which was caught via http:BL. Of course I also have Akismet activated. What is most interesting about all of this is that the site I have been working on recently is only a few months old and already I am getting this kind of malicious traffic. Thanks!

Posted 1 month ago #

RSS feed for this topic

Reply

You must log in to post.