Overview
This conference talk from OWASP AppSec EU 2018 presents novel exploitation techniques for WordPress. It traces a fundamental design flaw in the WordPress core that led to severe security issues, including SQL injection vulnerabilities and a new type of PHP object injection, and examines how the core's custom implementation of prepared statements, built on string substitution rather than on database-side binding, contributed to these vulnerabilities. The talk analyzes the characteristics of this specific occurrence and shows how to identify similar issues in other PHP projects, and it presents new and generic exploitation techniques alongside guidance for WordPress and other developers on preventing these problems. It also covers the implications of WordPress's wide adoption, its reliance on legacy code, and the difficulty of implementing modern best practices, including the exploitation of outdated cores and plugins and the ongoing efforts to secure the platform despite the intrinsic features of the PHP language.
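The custom prepared-statement design referred to above is easiest to understand from a minimal emulation. The PHP below is an added example written for this page, not code from the talk or from WordPress itself: `emulatedPrepare` and `SqlFragment` are hypothetical names, and the query text and the attacker-controlled value are constructed. It demonstrates the property that makes sprintf-style emulation dangerous, namely that the output of one substitution pass is indistinguishable from an unprepared query, so a value that survives escaping but contains a format directive is reinterpreted as soon as the text is prepared a second time, and it contrasts that with keeping SQL and parameters apart until exactly one final substitution. It assumes PHP 8.1 or later.

```php
<?php
declare(strict_types=1);

// Emulated "prepared statement" in the style of sprintf-based wrappers: the
// query is a plain string, %s is wrapped in quotes and filled with an escaped
// value, %d with an integer, all in a single vsprintf pass. Hypothetical
// wrapper written for this page, not WordPress's own code.
function emulatedPrepare(string $query, string|int ...$args): string
{
    $escaped = array_map(
        fn(string|int $a): string|int => is_int($a) ? $a : addslashes($a),
        $args
    );
    $query = str_replace('%s', "'%s'", $query);   // quote the string placeholders
    return vsprintf($query, $escaped);
}

// Constructed attacker input: it contains nothing for addslashes() to escape,
// but it is a valid positional sprintf directive.
$untrusted = '%1$s';

// Pass 1: a plugin prepares a WHERE fragment on its own. Escaping leaves the
// directive intact because it has no quote, backslash or NUL byte.
$fragment = emulatedPrepare('post_title = %s', $untrusted);
// $fragment is:  post_title = '%1$s'

// Pass 2: another layer embeds the fragment in a larger query and prepares
// again. The attacker's text is now parsed as a format directive and pulls in
// the other layer's argument; the attacker controls how the query is formatted.
$sql = emulatedPrepare(
    "SELECT ID FROM wp_posts WHERE $fragment AND post_status = %s",
    'publish'
);
// $sql is:  SELECT ID FROM wp_posts WHERE post_title = 'publish' AND post_status = 'publish'

// Hardened form: SQL text and parameters travel together and are substituted
// exactly once, so fragments can be composed but never re-prepared. Values are
// inserted after formatting and are never parsed as directives.
final class SqlFragment
{
    /** @param list<string|int> $params */
    public function __construct(
        public readonly string $sql,
        public readonly array $params,
    ) {}

    public function andWhere(SqlFragment $other): self
    {
        return new self(
            "({$this->sql}) AND ({$other->sql})",
            [...$this->params, ...$other->params]
        );
    }

    // The single substitution pass happens here and nowhere else.
    public function render(): string
    {
        return emulatedPrepare($this->sql, ...$this->params);
    }
}

$where = (new SqlFragment('post_title = %s', [$untrusted]))
    ->andWhere(new SqlFragment('post_status = %s', ['publish']));
$safe = 'SELECT ID FROM wp_posts WHERE ' . $where->render();
// $safe is:  SELECT ID FROM wp_posts WHERE (post_title = '%1$s') AND (post_status = 'publish')

echo $sql, PHP_EOL;
echo $safe, PHP_EOL;
```

The check a reviewer would apply to any such wrapper is whether its output can ever flow back into its input: if a prepared string is stored, passed to a filter or hook, or concatenated into another query that is prepared again, the wrapper is not idempotent and every escaped value becomes a second-pass format string. Real database-side prepared statements (PDO or mysqli with bound parameters) do not have this property, because the parameters are never merged into the query text at all.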
Syllabus
Introduction
About me
What is WordPress
Installing Plugins
Overview
Background
Medicals
Custom Prepared Statements
Exploit Technique 1
Exploit Technique 2 Demonstration
WordPress Patch
Second Exploit Technique
Recap
Exploit 2 WooCommerce
Exploit 6 WordPress
Closing Words
Questions
How it works
What the attacker does
WordPress version
Advice to plugin authors
Will there be a prepared statement
Is there a safe way to use that caching technique
How have you found the experience working with different plugin teams
Taught by
OWASP Foundation