WordPress Security Show!!

  • Published on
    28-May-2015

Transcript

  • 1. WordPress Show !! WordPress
  • 2. WordPress WordPress
  • 3. WordPress Movaxx Type
  • 4. WordPressMovable Type https://www.ipa.go.jp/security/topics/alert20130913.html
  • 5. WordPress WordPress WordPress CMS WordPress
  • 6. Hacked by Krad Xin
  • 7. 20138 8,438
  • 8. => => => =>
  • 9. Web
  • 10. XSS -> JavaScript SQL -> SQL CSRF ->
  • 11. Web WordPress (esc_html) Ref: IPA Web https://www.ipa.go.jp/security/vuln/websecurity.html
  • 12.
  • 13. WordPress JVN
  • 14. WordPress
  • 15. WordPress URL http://()/wp-admin WordPress
  • 16. admin Google inurl:wp-admin site:co.jp
  • 17. SSL BASIC IP
  • 18. WordPress PHP
  • 19. / Ref: Roles and Capabilities http://codex.wordpress.org/Roles_and_Capabilities ^^;
  • 20. ()
  • 21. WordPress !!