CVE-2018-6389 - Application Remote DoS for WordPress Websites




Many website designers rely on a CMS (Content Management System) for their development work. One such platform is WordPress, which has many users and publishes a tremendous number of websites day by day. However, many vulnerabilities are pointed out every second by hackers and security researchers. One such zero-day vulnerability facing WordPress websites is listed in CVE (Common Vulnerabilities and Exposures). This vulnerability is considered a potentially large-scale exploit, as WordPress holds about 29% of the websites available on the Internet.


Researchers say the issue arises when a URL of the following pattern is requested:

http://site.com/wp-admin/load-scripts.php?c=1&load%5B%5D=jquery-ui-core&ver=4.9.1 

When we request this particular URL, load-scripts.php receives a load[] parameter. To handle multiple requests for CSS and JS modules and cut down the number of requests, two files are used: load-scripts.php and load-styles.php, for the JS and CSS files. The load parameter carries a list of the resources that each user requests. Because of this bug, if the user asks for a particular JS module by supplying a particular path, the server will initiate a read of the value supplied by the user.

The above figure gives the list of resources present in script-loader.php, which has nearly 181 values. So what would happen if a user requested every JS module listed in that PHP file? The server will definitely take some time to process such a large request, causing a denial of service.
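A defender-side check for the request pattern described above, as an added example that is not from the original post: it scans access-log lines for load-scripts.php and load-styles.php requests whose load[] list is unusually long and counts them per client. The log format, the threshold, the comma-separated handle list and all names in the code are assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Assumption: Apache/nginx "combined" access-log format.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*"')
LOADERS = ("/wp-admin/load-scripts.php", "/wp-admin/load-styles.php")
MAX_HANDLES = 30  # hypothetical threshold; tune against your own admin traffic


def count_handles(target):
    """Distinct handles requested via load[] (or load); None for other URLs."""
    parts = urlsplit(target)
    if not parts.path.endswith(LOADERS):
        return None
    query = parse_qs(parts.query)  # also decodes load%5B%5D to load[]
    values = query.get("load[]", []) + query.get("load", [])
    # Assumption: handles inside one value are comma-separated.
    return len({h for v in values for h in v.split(",") if h})


def flag_clients(lines, max_handles=MAX_HANDLES):
    """Per client IP, count loader requests asking for more than max_handles."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        n = count_handles(m.group("target"))
        if n is not None and n > max_handles:
            hits[m.group("ip")] += 1
    return dict(hits)


# Constructed sample log lines (placeholder handle names, documentation IPs).
_BULK = ",".join(f"handle{i}" for i in range(181))
_FMT = '{ip} - - [05/Feb/2018:10:00:0{n} +0000] "GET {url} HTTP/1.1" 200 512 "-" "-"'
SAMPLE = [
    _FMT.format(ip="198.51.100.7", n=1, url="/wp-admin/load-scripts.php?c=1&load%5B%5D=jquery-ui-core&ver=4.9.1"),
    _FMT.format(ip="203.0.113.9", n=2, url=f"/wp-admin/load-scripts.php?c=1&load%5B%5D={_BULK}&ver=4.9.1"),
    _FMT.format(ip="203.0.113.9", n=3, url=f"/wp-admin/load-scripts.php?c=1&load%5B%5D={_BULK}&ver=4.9.1"),
    _FMT.format(ip="198.51.100.7", n=4, url="/index.php"),
]

if __name__ == "__main__":
    print(flag_clients(SAMPLE))
```

Clients that appear in the result repeatedly within a short window are candidates for rate limiting or blocking at the web server or WAF.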

Proof of Concept: 

      




As a mitigation strategy, we recommend using a PHP file that helps protect you from this attack. All you have to do is clone the file from GitHub and upload it through your server's file manager.

Download

Good Luck 😄


