WordPress4. 0 and the following version of the Dos attack Vulnerability CVE-2 0 1 4-9 0 3 4 the detection and use-vulnerability and early warning-the black bar safety net

2015-01-28T00:00:00
ID MYHACK58:62201558506
Type myhack58
Reporter 佚名
Modified 2015-01-28T00:00:00

Description

In this article, I will detail how to use vulnerability POC(proof-of-concept tool Searchspoit on your Wordpress website, 4.0 and following versions of Dos attack Vulnerability CVE-2 0 1 4-9 0 3 4 the detection and utilization.

Vulnerability description

CVE-2 0 1 4-9 0 3 4 is due to the hash number of a long password processing caused by improper, can cause a remote attacker to Wordpress4. 0 and the following version of the website to launch Dos attacks. The vulnerability published has been for some time, but now this problem has not been solved.

Searchspoit use

Searchspoit is a tool in kali linux to find the variety of Trojan. script tool that can be used with MetaSploit to use, very easy to use.

!

!

If you want to search for other, enter“-h”display a Help menu that can help you to find more vulnerabilities.

!

!

Searchsploi find the file located in/usr/share/exploitdb/, you need to copy the files to the main directory or similar place.

!

Run the exploit

Running process may need to be some PHP command, the following might be of help to you.

!

When I first tried to run the exp I receive is an error reply.

!

This is because my kali missing the php5-curl package, so I need to re-install it.

!

Again run the exploit on.

!

!

Now we look at server-side is like?

!

HTTPD before and after the state of the comparison

!

!

By Munin monitor display, I get a lot of peak.

!

!

!

How to Defense this attack?

  1. The best way is in wp-admin to specific IP restrictions.
  2. For each connection the IP throttle.
  3. Use WAF to.
  4. Write your own ModSecurity code in Apache or other server.
  5. Keep wordpress updated.

Searchspoit download point me after all it on the wall.

[Reference source blackmoreops , the coding/Change, please indicate from Freebuf hackers and geeks(FreeBuf.COM)]