Matasano Chargen: Funny WordPress Vulnerability

  • Hugo · 1 year ago
    "In PHP, the difference between _SERVER['PHP_SELF'] and _SERVER['REQUEST_URI'] is that the latter also gives you the parameters that were passed to a GET request."

    Perhaps by now you already know you're wrong. PHP_SELF is just as vulnerable as REQUEST_URI.

    Peace. Let's see what gobless saz :]
  • Mike Tracy · 1 year ago
    I'm not sure about "wrong". All that statement was intended to do was point out that the way the bug was exploited in the snippet at blackhatdomainer.com requires the use of REQUEST_URI. It was not intended to suggest a fix or in any other way condone the coding practices of the WordPress crew.

    I probably should have been more clear in the idea I was expressing but I was too busy snorting a perfectly good bottle of wine out of my nose.
  • Nate · 1 year ago
    Oh no, you're picking up the Thomas style of oblique asides. Trying to sort info from cuteness and failing...
  • Thomas Ptacek · 1 year ago
    What does that comment even mean?
  • Mike Tracy · 1 year ago
    And why does my blog post all of a sudden become about Tom?
  • ndg · 1 year ago
    "Apparently, we’re using the is_admin() call to figure out if a user is administrator after all?"

    No, it's because pending/draft posts are only displayed in the administration interface (on the "manage posts" page, etc).

    The issue here is that WordPress classifies posts along two axes, published-unpublished and public-private. The exploit reveals (unpublished & public) data only; posts marked as "private" stay private, even though an administrator would be able to see them.
  • Mike Tracy · 1 year ago
    ndg: Thank you for the clarification.
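    The two technical points in the thread above, Hugo's that PHP_SELF is as spoofable as REQUEST_URI and ndg's that the exploit only exposes unpublished-but-public posts, as an added example. This is illustrative code written for this page, not the Matasano post's code and not WordPress's; the function names, the three sample posts, the `$_SERVER`-style arrays, and the `edit_posts` capability string are all assumptions. The PHP_SELF case assumes a server that passes PATH_INFO through (PHP_SELF is then the script name followed by the extra path).

```php
<?php
// Added example (not from the original post or from WordPress).
// Models an "am I in the admin UI?" test that looks for the substring
// "wp-admin" in the request path, and shows that it can be spoofed whether
// it reads REQUEST_URI (which includes the query string) or PHP_SELF
// (which includes attacker-controlled PATH_INFO when the server passes it
// through). The hardened version ties draft visibility to a capability
// instead of a URL shape. All data below is constructed for illustration.

// Constructed sample posts on the two axes ndg describes:
// status (publish/draft) and visibility (public/private).
$posts = [
    ['title' => 'Hello world',     'status' => 'publish', 'visibility' => 'public'],
    ['title' => 'Unreleased news', 'status' => 'draft',   'visibility' => 'public'],
    ['title' => 'Board minutes',   'status' => 'publish', 'visibility' => 'private'],
];

// Hypothetical weak check: "admin interface" == the path mentions wp-admin.
function looks_like_admin_request(array $server): bool
{
    foreach (['REQUEST_URI', 'PHP_SELF'] as $key) {
        if (isset($server[$key]) && strpos($server[$key], 'wp-admin') !== false) {
            return true;
        }
    }
    return false;
}

// Listing that keys draft visibility off the weak check.
// Private posts are skipped unconditionally, which is why the spoof
// reveals only (unpublished & public) data.
function list_posts_weak(array $posts, array $server): array
{
    $out = [];
    foreach ($posts as $p) {
        if ($p['visibility'] === 'private') {
            continue;
        }
        if ($p['status'] !== 'publish' && !looks_like_admin_request($server)) {
            continue;
        }
        $out[] = $p['title'];
    }
    return $out;
}

// Hardened listing: drafts and private posts require an authenticated user
// holding an (assumed) edit_posts capability; the request URL plays no part.
function list_posts_hardened(array $posts, ?array $user): array
{
    $can_edit = $user !== null && in_array('edit_posts', $user['caps'], true);
    $out = [];
    foreach ($posts as $p) {
        if ($p['visibility'] === 'private' && !$can_edit) {
            continue;
        }
        if ($p['status'] !== 'publish' && !$can_edit) {
            continue;
        }
        $out[] = $p['title'];
    }
    return $out;
}

// Constructed request environments, shaped like what PHP puts in $_SERVER.
$anon_front     = ['REQUEST_URI' => '/',                    'PHP_SELF' => '/index.php'];
$spoof_query    = ['REQUEST_URI' => '/?x=wp-admin',         'PHP_SELF' => '/index.php'];
$spoof_pathinfo = ['REQUEST_URI' => '/index.php/wp-admin/', 'PHP_SELF' => '/index.php/wp-admin/'];

// Weak check: the two spoofed requests surface the public draft; the
// private post never appears. Hardened check: only the capable user sees
// the draft and the private post.
print_r(list_posts_weak($posts, $anon_front));
print_r(list_posts_weak($posts, $spoof_query));
print_r(list_posts_weak($posts, $spoof_pathinfo));
print_r(list_posts_hardened($posts, null));
print_r(list_posts_hardened($posts, ['caps' => ['edit_posts']]));
```

Run it with `php example.php`. The point of the hardened version is the one practitioners keep relearning: a test for "which screen is this?" is a routing decision, not an authorization decision, so draft and private content must be gated on who the caller is, never on what the URL looks like.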
  • Doug Steele · 1 year ago
    Interesting. There are some good ideas presented here. I need to spend some time reading more about these topics.
  • SEO Ranter · 1 year ago
    Haha, thanks for that, very entertaining. It's disappointing that no-one's fixed this rather weak looking bit of coding (e.g. the entirety of wordpress) yet!