exploitable timthumb.php in your wordpress website


The other day, I received this email from my hosting provider:

This is a courtesy notice that we have found exploitable timthumb.php file(s) on your account. It is highly recommended that you update these files to the latest available version to prevent possible compromise. This is best done by updating all scripts, plugins, modules and themes on your account to the latest version.

As the owner of the account, you are responsible for keeping your hosted content free of malicious software.

The timthumb.php file is a script commonly used in WordPress’s (and other software’s) themes and plugins to resize images. The exploit allows an attacker to arbitrarily upload and create files and/or folders on your account, which can then be used for a number of malicious tasks, including but not limited to defacement, browser hijacking and infection, data harvesting and more. After a site has been exploited, it may lead to becoming labeled a “Malicious Website” by Google or other security authorities.

Any timthumb.php file below version 1.35, but above version 1.09 is considered vulnerable, unless patched. To prevent being compromised, we advise you update all instances of timthumb.php to version 2.0, or patch the existing vulnerable files. Note that patching the files requires more in-depth knowledge of the PHP scripting language.

Which was funny because all of my WordPress sites are (kinda) up to date. I dug some more to find that this file comes with many themes AND plugins, and you will have to patch them all.

The way to fix this is simple.

– open your hosting control panel and select the file manager.

– find the search function and look for files named timthumb.php

– use the edit function to open each file and replace its contents with the contents of the following file: http://timthumb.googlecode.com/svn/trunk/timthumb.php

– make sure to go through all copies of the file, in every theme and plugin
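The step that people skip is the last one: a site often carries several copies of timthumb.php, one per theme or plugin, and patching only the first one found leaves the others in place. Below is an added shell script (my own, not part of the original post or of the timthumb project) that walks a web root, lists every copy, and flags those whose version falls in the range the hosting notice calls vulnerable (above 1.09, below 1.35). It assumes the script declares its version on a line like `define ('VERSION', '2.8.14');` or `$version = '1.34';`; copies with no recognisable version line are reported as UNKNOWN so they get looked at rather than silently skipped. The web root it runs against is a constructed throw-away fixture.

```shell
#!/bin/sh
# Added example: audit every timthumb.php copy under a web root.
# Assumption (not from the post): the version is declared on a line such as
#   define ('VERSION', '2.8.14');   or   $version = '1.34';
set -eu

# Print the version found in one timthumb.php copy, or "unknown".
timthumb_version() {
    v=$(sed -nE "s/.*(VERSION|\\\$version)[^0-9]*'([0-9]+\.[0-9]+(\.[0-9]+)?)'.*/\2/p" "$1" | head -n 1)
    if [ -n "$v" ]; then printf '%s\n' "$v"; else printf 'unknown\n'; fi
}

# Exit 0 when the version is above 1.09 and below 1.35 (1.10 .. 1.34),
# the range the hosting notice describes as vulnerable unless patched.
# "unknown" or a malformed string is not decidable here and counts as not matched.
is_vulnerable_version() {
    awk -v v="$1" 'BEGIN {
        n = split(v, p, ".")
        if (n < 2) { exit 1 }
        major = p[1] + 0; minor = p[2] + 0
        exit !(major == 1 && minor >= 10 && minor <= 34)
    }'
}

# Print one "STATUS<TAB>VERSION<TAB>PATH" line per timthumb.php copy below DIR.
audit_timthumb() {
    find "$1" -type f -name 'timthumb.php' | sort | while IFS= read -r f; do
        ver=$(timthumb_version "$f")
        if [ "$ver" = unknown ]; then status=UNKNOWN
        elif is_vulnerable_version "$ver"; then status=VULNERABLE
        else status=OK; fi
        printf '%s\t%s\t%s\n' "$status" "$ver" "$f"
    done
}

# Number of copies flagged VULNERABLE below DIR (grep -c exits 1 on zero matches).
count_vulnerable() {
    audit_timthumb "$1" | grep -c '^VULNERABLE' || true
}

# Constructed fixture: a throw-away web root with five copies of the script,
# mimicking the theme/plugin duplication the post describes. Prints its path.
make_demo_root() {
    root=$(mktemp -d)
    mkdir -p "$root/wp-content/themes/new-theme" \
             "$root/wp-content/themes/old-theme/scripts" \
             "$root/wp-content/themes/ancient-theme" \
             "$root/wp-content/plugins/gallery/inc"
    printf "<?php\ndefine ('VERSION', '2.8.14');\n" > "$root/wp-content/themes/new-theme/timthumb.php"
    printf "<?php\n\$version = '1.34';\n"           > "$root/wp-content/themes/old-theme/scripts/timthumb.php"
    printf "<?php\n\$version = '1.09';\n"           > "$root/wp-content/themes/ancient-theme/timthumb.php"
    printf "<?php\n\$version = '1.20';\n"           > "$root/wp-content/plugins/gallery/timthumb.php"
    printf '<?php\n// stripped copy, no version line\n' > "$root/wp-content/plugins/gallery/inc/timthumb.php"
    printf '%s\n' "$root"
}

# Run the audit on the fixture when executed directly.
demo_root=$(make_demo_root)
audit_timthumb "$demo_root"
echo "vulnerable copies: $(count_vulnerable "$demo_root")"
rm -r "$demo_root"
```

Point `audit_timthumb` at your real document root (for example `public_html`) instead of the fixture, then replace every VULNERABLE copy as described in the steps above and re-run until the count is zero; treat UNKNOWN entries as copies to inspect by hand.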


That’s it. You are safe now 🙂

Learn AJAX in 5 mins

First I want to give credits to the author of the tutorial Learn AJAX in 20 mins, which I improved to be less complicated and noob friendly 🙂

AJAX stands for (as if you would remember it) Asynchronous JavaScript and XML, and it is used to send and receive data from the server without having to refresh the entire page.

I assume you have a basic knowledge of HTML and PHP.

Continue reading “Learn AJAX in 5 mins”

The Lame hacker 222.73.173.10

Yesterday, I got many more hits on this blog than usual. When I checked the logs, I found a bunch of access attempts. It would be ok for me if the hacker was at least smart enough to know what he’s dealing with. Check the log below, you will understand what I’m talking about.

Continue reading “The Lame hacker 222.73.173.10”