PHP Script Vulnerabilities and WordPress Blog Hacking

June 25, 2009 | By | 5 Replies More

Reading time: 3 – 4 minutes

Based on my previous post about this blog being compromised, I decided that it would bring much justice to the previous post entitled, “Blogosphere Alert: Prevent your WordPress blogs from being hacked!” to expose the different ways on how a WordPress blog can be compromised or hacked. We all know that WordPress blogs are written on php scripts and are made operational by means of MySQL Database via a web host.

For WordPress blogs, most hackers in order to create damage usually introduce malicious codes that may cause unwanted action statements through php code snippets. One of which is through SQL Injection. SQL injection refers to the act of someone inserting a MySQL statement to be run on your database without your knowledge. Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you a MySQL statement that you will unknowingly run on your database.

Another form of hack is Cross-site scripting (XSS) which is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users or cyber criminals into the web pages viewed by innocent users commonly exploited for phishing attacks to steal sensitive data such as credit card information in which most of the time, victims are unaware that a webpage is already stealing his/her valuable information.

The most common exploit that happens to a dedicated server is a script exploit that gives the hacker non root access to a dedicated server. What hackers do is pass the script some variables and commands in an http URL. The vulnerability is that the script allows the commands to be run thereby giving the hacker access only to the /tmp directory. The next action they would take is to upload scanning tools and start a DDOS attack against another server. While hackers don’t have root access, removing all their files and stopping all their processes will remove them but chances are, if the vulnerable scripts are not removed, they would still come back.

Another technique often used to attack Internet websites was via a remote computer known as Remote File Inclusion (RFI). Remote File Inclusion attacks allow malicious users to run their own PHP code called a webshell, also known as a PHP shell. A webshell can display the files and folders on the server allowing editing tasks such as editing, adding or deleting files which could also be used to gain administrator-level or root access on the server.

Familiarity with these vulnerabilities will give you ideas how your PHP scripts play a vital role in your WordPress blog’s security. Don’t try pretending to be a know-it-all guru, most tech bloggers’ blogs especially established one’s had once been compromised. It doesn’t hurt to ask what you don’t know. If you hardly believe it, do your research. Your call!

Reblog this post [with Zemanta]

Tags: , , , , , ,

Category: open source, tips and tricks

Comments (5)

Trackback URL | Comments RSS Feed

  1. Louis vuitton handbags says:

    Nice tip for this article.thumbs up.+5.
    now I know what makes VA important.They know a lot of things.
    thank you Her Media.

    louis vuitton handbags

  2. Mathdelane says:

    You’re very much welcome!

  3. olivia says:

    WordPress has been a victim of hacking from the very beginning, as you have to upload your Blog to the server and this very reason makes it vulnerable to hack attacks.
    My blog which in the starting phase didn’t had much posts around 3-4 was hacked through SQL Injection hacks…. and pals.. it gets on your nerves..

  4. Mathdelane says:

    Hackers normally try to steal traffic from blogs through SQL Injection tactics mainly because blogs rank higher than static pages in SERP.

    Perhaps it’s really the disadvantage of open source however WordPress has never turned its back through its very supportive community.

Leave a Reply