Pwnpress: is your WordPress install up to date?

From the one and only Lance M. Havok (LMH started the Month of Apple Bugs and the Month of Kernel Bugs) comes Pwnpress, a Ruby script containing exploits for WordPress 1.5.1.1, 1.5.1.3, 2.0.5, 2.1.3, 2.2 and 2.2.2. WordPress 2.2.3 is the latest stable release.

Even if you're not running WordPress it's worth checking out the Pwnpress source code for the comments alone. For example:

# One of the most sloppy, unreliable and awkward exploits ever released for
# Wordpress. The original exploit from Stefan Esser was mediocre at best.
# No offense meant, it was just a seriously deficient piece of horse shit.

If you're not keeping WordPress updated using Subversion, now is as good a time as any to make the jump.

If you're the curious type, be aware that info-pull.com/code/ is decidedly not work safe.
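
To answer the question in the title for a whole server, the Ruby script below is an added example (not code from Pwnpress or from this post) that reads `$wp_version` from each `wp-includes/version.php` under a directory and flags installs that match the versions listed above or are older than 2.2.3. The function names and the sample directory tree are assumptions made for the illustration.

```ruby
require "tmpdir"
require "fileutils"

# Versions the post says Pwnpress carries exploits for.
PWNPRESS_TARGETS = %w[1.5.1.1 1.5.1.3 2.0.5 2.1.3 2.2 2.2.2].freeze
# Latest stable release according to the post.
LATEST_STABLE = "2.2.3"

# Pull the $wp_version assignment out of the text of wp-includes/version.php.
def parse_wp_version(php_source)
  m = php_source.match(/^\s*\$wp_version\s*=\s*['"]([^'"]+)['"]\s*;/)
  m && m[1]
end

# :listed_target = named in the post, :outdated = older than 2.2.3,
# :current = 2.2.3 or newer, :unknown = no parsable version.
def classify(version)
  numeric = version.to_s[/\A\d+(?:\.\d+)*/]
  return :unknown unless numeric
  return :listed_target if PWNPRESS_TARGETS.include?(version)
  older = (numeric.split(".").map(&:to_i) <=> LATEST_STABLE.split(".").map(&:to_i)) < 0
  older ? :outdated : :current
end

# Walk a directory tree and report every WordPress install found in it.
def audit(root)
  Dir.glob(File.join(root, "**", "wp-includes", "version.php")).sort.map do |path|
    version = parse_wp_version(File.read(path))
    { site: File.dirname(File.dirname(path)), version: version, status: classify(version) }
  end
end

# Constructed sample tree (not real sites) so the script runs offline.
def demo
  Dir.mktmpdir do |root|
    { "blog-a" => "2.2.2", "blog-b" => "2.2.3", "blog-c" => "2.1" }.each do |name, v|
      dir = File.join(root, name, "wp-includes")
      FileUtils.mkdir_p(dir)
      File.write(File.join(dir, "version.php"), "<?php\n$wp_version = '#{v}';\n?>\n")
    end
    audit(root).map { |r| [File.basename(r[:site]), r[:version], r[:status]] }
  end
end

demo.each { |row| puts row.join("\t") } if __FILE__ == $PROGRAM_NAME
```

On a real host, call `audit` with the web root instead of the constructed tree; `:outdated` only means the install is older than 2.2.3, not that a Pwnpress exploit exists for it.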

 



© 2007-2010, Corey Gilmore

 

The views expressed on these pages are mine alone and not those of any past or present employer. All information presented on this site was obtained lawfully and not through disclosure under the terms of an NDA.