Choosing modern anti-malware, a search engine, browser and its extensions for security and privacy
When the CDN Goes Bananas
Slides on Subresource Integrity from the SecTalks Sydney meetup
Bypassing WordPress Login Pages with WPBiff
Two-factor authentication protected WordPress login pages can be bypassed because of certain unsafe NTP practices.
The internal clock of remote servers can be manipulated under the right conditions. Because certain WordPress Google Authenticator plugins also rely on the local timestamp, this opens up new ways to circumvent the user authentication process on the /wp-admin dashboard.
We demonstrate a practical attack against two-factor protected WordPress login pages. We are going to gain access to the dashboard without having access to the token generator app.
Tricking Google Authenticator TOTP with NTP
Because of unsafe NTP practices, internal clocks on remote machines can be manipulated under the right conditions. Once the time is altered, expired SSL certificates become valid again and HSTS policies expire.
But what about authentication? Certain TOTP implementations such as popular WordPress plugins also rely on the local timestamp.
This article demonstrates a proof of concept for accessing two-factor authentication protected WordPress dashboards.
Suit Up and Protect WordPress
In the final part of the series, I am going to show a few practical tips and tricks for protecting your WordPress blog. We have seen earlier how a simple XSS vulnerability can lead to the total compromise of the hosting environment. We not only managed to deploy a backdoor, dump all data from the databases and retrieve each file from […]
Data Exfiltration with XSS
We had an XSS vulnerability, we created a fake login page, we stole the WordPress admin’s credentials, now what? Over the following pages, I am going to walk you through the complete data exfiltration process. We are going to get shell access to the OS, dump the databases and configure the compromised WordPress server as a pivot for launching further attacks.