I read a post to the Downgrade Blog entitled “Script Kiddies Have Awesome Tools”. The author checked out a recent hack to Wordpress. He tried to decode the source. However he found that it had been compressed and encoded many times. Eventually he got to the original code. There was an amazing suite of tools available to hackers.
The author compared this tool suite to a tool he obtained about 10 years ago. That tool was supplied as C source code. You needed to get your development environment correct first. Then you needed to supply the compiler with the correct flags for it to successfully build. Finally you needed to figure out how to run the darn app.
This latest suite of tools was much more user friendly to the hacker user community. There were a lot of tools in the suite he discovered. There was a tool to find files with security holes. There was also a program to execute commands as the web server user. It included a backdoor tool installer. It also had an FTP brute force cracker. The suite came with a self remover program as well. This is just a few of the tools included.
The guy realized that with this tool set, it would be easy to go into business. You could scan for Wordpress installations. Once found you could use the tools to check for vulnerabilities. Then you could exploit the ones you find for ill gotten gain. The hard work was done. Somebody coded and provided this tool set. You just need to be a script kiddie to use it.
The tool suite itself was about 2500 lines of PHP code. It took advantage of files not being read only on the file system. Advice from readers who commented included a recommendation to lock down your Wordpress. You should always patch third party code. And you should definitely sanitize SQL before using it. Others mentioned that this tool suite was actually old news. Well I had never heard about it.
Be Brave to Get Work Done - I was woken up this morning from a call from work. Not a good sign. Apparently the customer found a potential problem in our delivery. I got on a conferen...