{"id":436,"date":"2006-05-26T16:06:22","date_gmt":"2006-05-26T08:06:22","guid":{"rendered":"http:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/20060526\/436"},"modified":"2006-05-26T16:06:22","modified_gmt":"2006-05-26T08:06:22","slug":"wordpress-2","status":"publish","type":"post","link":"https:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/?p=436","title":{"rendered":"WordPress <=2.0.2 'cache' shell injection"},"content":{"rendered":"<p>Bloggers, take note: WordPress 2.0.2 and earlier versions have a remote shell exploit.<\/p>\n<p>The conditions for the exploit to succeed are:<\/p>\n<ol>\n<li>External users are allowed to register (that is, a valid account is required).<\/li>\n<li>The cache feature must be enabled.<\/li>\n<\/ol>\n<p>Fortunately, WP by default should not have the cache (post caching) feature enabled. The vulnerability exists mainly because WP stores the post cache as PHP files (located in wp-content\/cache). A legitimately registered account only needs to modify its own profile fields (for example, the author name displayed on posts), and that value is written into the PHP file along with the cached data.<\/p>\n<p>Details: <a href=\"http:\/\/www.securityfocus.com\/archive\/1\/435039\/30\/0\/threaded\">WordPress <=2.0.2 'cache' shell injection<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Bloggers, take note: WordPress 2.0.2 and earlier versions have a remo &hellip;<\/p>\n<p class=\"read-more\"> <a class=\"more-link\" href=\"https:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/?p=436\"> <span class=\"screen-reader-text\">WordPress <=2.0.2 'cache' shell injection<\/span> Read more &raquo;<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"_links":{"self":[{"href":"https:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/index.php?rest_route=\/wp\/v2\/posts\/436"}],"collection":[{"href":"https:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=436"}],"version-history":[{"count":0,"href":"https:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/index.php?rest_route=\/wp\/v2\/posts\/436\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=436"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=436"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.shsh.ylc.edu.tw\/~taichis\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=436"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}