Greenguy's Board - View Single Post

cd34 · 2012-02-13, 12:48 PM

Upgraded 277 out of 285 Wordpress sites on one of the servers this weekend. 8 of them, less than 3% were running 3.3.1. The oldest Wordpress found in production, 2.0.3. Yes, a version of Wordpress released in 2005 was still in use (and had a number of remote shells).

If you aren't running Wordpress 3.x (at least) on your Wordpress sites, it might be worth taking a glance through the uploads directory to see if you have any .php files floating around. Some of the exploits are quite slick, but, most are fairly easy to find.

Also, if you've got an Android phone and wouldn't mind taking a photo or two to help test, SnapReplay's beta stream will show the pictures you take as you upload them. Link for the Android app is on the front page with a better description of what it is.

Hope everyone has a good week.

2012-02-13, 12:48 PM	#7
cd34 a.k.a. Sparky Join Date: Sep 2004 Location: West Palm Beach, FL, USA Posts: 2,396	Upgraded 277 out of 285 Wordpress sites on one of the servers this weekend. 8 of them, less than 3% were running 3.3.1. The oldest Wordpress found in production, 2.0.3. Yes, a version of Wordpress released in 2005 was still in use (and had a number of remote shells). If you aren't running Wordpress 3.x (at least) on your Wordpress sites, it might be worth taking a glance through the uploads directory to see if you have any .php files floating around. Some of the exploits are quite slick, but, most are fairly easy to find. Also, if you've got an Android phone and wouldn't mind taking a photo or two to help test, SnapReplay's beta stream will show the pictures you take as you upload them. Link for the Android app is on the front page with a better description of what it is. Hope everyone has a good week. __________________ SnapReplay.com a different way to share photos - iPhone & Android