«
»

WordPress Security Flaw – Admin Password Reset


It is possible to reset the admin password in all versions of wordpress up to and including the most recent version 2.8.3.

This information comes from a milw0rm exploit.

So, the jist is you can simply go to:

http://domain.example/wp-login.php?action=rp&key[]=

and it’ll reset the admin password. milw0rm didn’t supply a patch, but thankfully the internet is awesome and pzero from reddit pointed me to the fix:

Open wp-login.php and goto line 190 (assuming WP 2.8.3, or for earlier versions line 169) and replace this line:

if (empty( $key ) )

with

if (empty( $key ) || is_array( $key ) )

Have fun patching your systems peeps. If (and only if) you’re running 2.8.3 you can download a fixed wp-login.php. If you’re running a lower version, you’ll have to edit the file manually. Please backup your wp-login.php before changing it, my file might cause unforeseen problems otherwise.

UPDATE: wordpress have now released 2.8.4 which fixes this issue. Upgrade now.

Here are some screenshots showing exactly how it works:

Wordpress password reset - malicious URL

- just press enter and then…

Wordpress password reset - attack worked

but with the patch in place, wordpress is no longer vulnerable to this password reset attack:

Wordpress password reset - Patched!

To those of you wondering what the consequences are:

  • Annoyance.
  • Inconvenience.
  • Admin lock-out, if a script was set up to repeatedly generate new passwords.
  • Admin lock-out, if admin no longer has access to their “admin” email address.
  • Resource consumption.
  • Email flood.

So, while it’s not as serious as a revealed password would be, there are some serious potential consequences.

Bookmark and Share

Related Posts:

, , , , ,

This entry was posted on August 11, 2009, 2:24 PM and is filed under Wordpress, hacking. You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.

  1. #1 by aaron condron on August 16, 2009 - 12:03 PM

    hack master

    Reply Quote

  2. #2 by lisa on August 17, 2009 - 2:10 AM

    hiya i need help in hacking someones msn can you help me!

    Reply Quote

    • #3 by jesse manaton on December 23, 2009 - 11:16 AM

      I would think that you wont able to hack msn but, the easy thing to hack some ones password what they like doing/girl/boy friend that is the easy way to hack passwords…but sometimes they dont work!
      #so keep looking on youtube!

      Reply Quote

  3. #4 by MANISH on September 16, 2009 - 7:16 AM

    SIR,
    CAN U TELL ME HOW TO HACK SONICWALL NETWORK SECURITY SOFTWARE…..?

    Reply Quote

  4. #5 by Jude Jonathan Kamano on October 9, 2009 - 3:35 PM

    I want to learn how to hack computer systems

    Reply Quote

  5. #6 by Jude Jonathan Kamano on October 9, 2009 - 3:36 PM

    can you give me steps on how to breach into a ntwork and get files?

    Reply Quote

  6. #7 by PHP Lover on December 14, 2009 - 8:42 AM

    So many spackers on the internet.

    Reply Quote

  7. #8 by stuart cairns on April 23, 2010 - 10:23 AM

    how can I un block a friend who is blocking me?

    Reply Quote

  8. #9 by stuart cairns on April 23, 2010 - 10:24 AM

    how can I un block a friend who is blocking me on facebook

    Reply Quote

  9. #10 by stuart cairns on April 23, 2010 - 10:31 AM

    how can I un block a friend who is blocking me on facebook

    stuart cairns :
    how can I un block a friend who is blocking me on facebook

    stuart cairns :
    how can I un block a friend who is blocking me on facebook

    Reply Quote
(will not be published)