I used a pastebin.

organic
No comments yet

 
Kesner: If you hit admin-ajax.php you’ll also get a success, eve nif it’s not doing anything 😛

Geil: Https://----escape_autolink_uri:a03ded6cd97ffffa8f7b4e1454f3eecc----.org/plugins/search-autocomplete/ not sure if this does custom fields

Geil: Https://----escape_autolink_uri:a03ded6cd97ffffa8f7b4e1454f3eecc----.org/plugins/wp-ultimate-search/ this one does

Koopman: Are drupal ‘nodes’ ****agous to wordpress ‘posts’?

Ormes: Ok fris thank you I saw that plugin too but didn’t know if that would fit my needs

Median: When creating a custom widget is it possible to add a cl*** to the li? I know that it can be done when the sidebar is registered, but I only want it to apply to my widget, not all of them.

Bonner: In my widget function I could add another div inside the li which does the same thing, but it would be tidier if it was on the list item.

Ciresi: Wow, so many hacky ways to do this.

Maushardt: Whane i create a post all files uploaded with this post are uploaded to /2015/09 what will happen with file that I will delete permanently and upload new file with same name a month later? is it going to be uploaded to /2015/09 or /2015/10 ?

Curvey: Seems like the best way is to p*** “cl***name” in the constructor.

Wakayama: Fris: I just tried that upload again but for some reason the page is blank after a little while.

Biffar: Ugh this http://blog.malwaremustdie.org/2014/05/elf-shared-so-dynamic-library-malware.html

Biffar: Possible via wp-super-cahce

Dickstein: Man, that seems like a lot of trouble to go to to attack a wp site

Dickstein: Oh, I see. looks like the target was other services running on the host?

Biffar: The main issue being i become a spammer

Biffar: Emails come out the wazoo like a bat out of hell

Dickstein: Oh. is that your blog entry?

Dickstein: Lots of eastern european sites on that list. some german

Biffar: Yea i gotta rebuild a new server in order to get ipset to block all overseas countries

Biffar: That’ll solve 95% of my problems

Dickstein: So what was the point of entry? a php script executed within an uploads dir that had misconfigured permissions, right?

Dickstein: In the article, I mean. not your case.

Dickstein: Oh yep. that’s what happened in that bloggers case study

Biffar: Http://blog.malwaremustdie.org/2013/08/you-hacked-we-cracked-youre-doomed-ir.html

Dickstein: So, what happened with you? was your site also infected because of perms on the uploads dir?

Lairsey: Anyone know of a plugin that adds “clone widget” functionality that works with 4.3? Seems like Oomph Clone Widgets is out of step.

Dickstein: Biffar: darn it dude. I was about to go crash. but those posts are too interesting.

Biffar: Its pretty clever by loading in memory then deleting reference to it

Dickstein: Does that mean that executed script would have the same privs as www-data?

Biffar: On my server the entire /public_html dir for that user would/could be compromised, but not outside of it

Dickstein: Mahung: I don’t think you need to “duplicate widgets”. I think you can just add another one of the same type. But then again, I’m not entirely sure what you are trying to do

Dickstein: Biffar: oh yup. that makes sense.

Dickstein: That’d burn though, if you had multiple sites under that dir

Biffar: Im just mad it does local smtp server connection, byp***ing php mail

Dickstein: Mahung: ah, I see. that’d save you work

Dickstein: Gotta crash. cable guy coming tomorrow. having fibre installed!

Dickstein: Sooo looking forward to it

Kolarik: I am making a WP theme

Pacific: I have the settings page ready

Hemenway: I would like to include the option to upload and display a logo

Hohowski: Anyone know a good tutorial?

Denet: I used a pastebin specifically for wordpress once upon a time but didn’t bookmark it . and now i can’t find it