I have spent the majority of this week fighting off an attack on Wordpress (WP). After a lot of searching and some really helpful friends, I believe we have kicked this virus to the curb. Basically this attack exploits an open vulnerability in Wordpress admin. Specifically, the “options.php” file inside the admin directory. From what I have found, this has not been fixed even in the most recent versions of WP. The program left behind in the attack is called Magic Include Shell and it’s a nasty little bugger.
Magic Include Shell gives an attacker the equivalent to console access, which means that the attacker can upload and execute arbitrary code. In other words, one should be extremely careful to ensure that the problem has been fully mitigated. I will attempt to cover the basics on the symptoms, removal and prevention of this nasty little bug.
So I’ve been working on this fun little project called Tweet Potato. I don’t want to give the whole thing away but basically it’s a friendly game of virtual hot potato via Twitter for fun and maybe even some prizes! We launched our private beta request system this morning and have had a great response. So… swing on by (if you haven’t already) and sign up for an invite. We’ll be chukin taters before you know it.
I have been enlisted in the veryGreenTeam by @garyvee. This is for Color Wars 2008. A series of fun little community building challenges from @zefrank. If you are not on a team and want to join the fun, join me and a bunch of others on the veryGreenTeam. Why, you may ask? Here’s the best reason so far.
The first challenge is ROSHAMBO! Here’s the specs on how to play:
DEADLINE
Monday, Midnight EST
HOW TO PLAY
• Take a picture of yourself throwing either “rock”, “paper” or “scissors”.
• You must be in your team uniform (do your best).
• Upload your photo to Flickr and tag it like this:
rsb:move=yourmove rsb:team=yourteam rsb:player=yourtwittername
(for example rsb:move=rock rsb:team=veryGreenTeam rsb:player=iboughtamac)
iBoughtAMac aims to deliver a well rounded collection of information for the Mac user. You've got questions, iBoughtAMac hopes to have the answers. If, after browsing the archives your question has not yet been answered, shoot us a friendly email at help@iboughtamac.com.
I have spent the majority of this week fighting off an attack on Wordpress (WP). After a lot of searching and some really helpful friends, I believe we have kicked this virus to the curb. Basically this attack exploits an open vulnerability in Wordpress admin. Specifically, the “options.php” file inside the admin directory. From what I have found, this has not been fixed even in the most recent versions of WP. The program left behind in the attack is called Magic Include Shell and it’s a nasty little bugger.
