Backdoor in 93 AccessPress plugins and themes used on 360 thousand sites

Attackers were able to embed a backdoor in 40 plugins and 53 themes for the WordPress content management system developed by AccessPress, which claims that its add-ons are used on more than 360 thousand sites. The results of the incident analysis have not yet been published, but it is assumed that the malicious code was introduced during a compromise of the AccessPress website, with changes made to the download archives of already published releases. The reasoning is that the backdoor is present only in code distributed through the official AccessPress site and is absent from the same add-on releases distributed through the WordPress.org directory.

The malicious changes were discovered by a researcher at JetPack (a division of WordPress developer Automattic) while analysing malicious code found on a client's site. Analysis of the situation showed that the malicious changes were present in a WordPress add-on downloaded from the official AccessPress site. Other add-ons from the same vendor had also been maliciously modified in a way that allows full access to the site with administrator rights.

During the modification, the attackers added an "initial.php" file to the plugin and theme archives, which was loaded through an "include" directive in the "functions.php" file. To obscure the trail, the malicious content of "initial.php" was disguised as a base64-encoded block of data. The malicious insert, under the guise of fetching an image from the wp-theme-connect.com site, loaded the backdoor code directly into the wp-includes/vars.php file.
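A defensive check for the pattern described above, as an added example that is not code from the article, JetPack or AccessPress: it flags an `initial.php` inside a theme or plugin, a `functions.php` that includes it, and a `wp-includes/vars.php` whose SHA-256 differs from a clean copy of the same WordPress version. The regexes, the 40-character base64 threshold, the function names and the sample tree are assumptions of this example.

```python
import base64, hashlib, re, tempfile
from pathlib import Path

DOMAIN = b"wp-theme-connect.com"  # host named in the article; patterns below are assumptions
INCLUDE_RE = re.compile(rb"\b(?:include|require)(?:_once)?\b[^;]*initial\.php", re.I)
B64_RE = re.compile(rb"[A-Za-z0-9+/]{40,}={0,2}")

def blob_mentions_domain(data):
    """True if any base64 run in data decodes to bytes containing DOMAIN."""
    for m in B64_RE.finditer(data):
        run = m.group().rstrip(b"=")
        try:
            if DOMAIN in base64.b64decode(run + b"=" * (-len(run) % 4)):
                return True
        except ValueError:  # run was not valid base64 after all
            continue
    return False

def scan(wp_root, clean_vars_sha256):
    """Return sorted (relative path, reason) findings under a WordPress root."""
    root, out = Path(wp_root), []
    for kind in ("themes", "plugins"):
        for f in filter(Path.is_file, root.glob(f"wp-content/{kind}/*/**/*.php")):
            rel, data = f.relative_to(root).as_posix(), f.read_bytes()
            if f.name == "initial.php":
                hit = blob_mentions_domain(data)
                why = "base64 block names " + DOMAIN.decode() if hit else "review manually"
                out.append((rel, "initial.php: " + why))
            elif f.name == "functions.php" and INCLUDE_RE.search(data):
                out.append((rel, "includes initial.php"))
    core = root / "wp-includes" / "vars.php"
    if core.is_file() and hashlib.sha256(core.read_bytes()).hexdigest() != clean_vars_sha256:
        out.append(("wp-includes/vars.php", "differs from clean core copy"))
    return sorted(out)

def build_demo(root):  # constructed sample tree: one tampered theme, one clean plugin
    blob = base64.b64encode(b"constructed sample that mentions wp-theme-connect.com")
    files = {
        "wp-content/themes/demo-theme/functions.php": b"<?php include __DIR__ . '/inc/initial.php';",
        "wp-content/themes/demo-theme/inc/initial.php": b"<?php $d = '" + blob + b"';",
        "wp-content/plugins/clean-plugin/functions.php": b"<?php require_once 'helpers.php';",
        "wp-includes/vars.php": b"<?php // constructed stand-in for a modified core file",
    }
    for rel, body in files.items():
        (Path(root) / rel).parent.mkdir(parents=True, exist_ok=True)
        (Path(root) / rel).write_bytes(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_demo(tmp)
        print(*scan(tmp, hashlib.sha256(b"clean copy").hexdigest()), sep="\n")
```

The second argument to `scan` is the SHA-256 of `wp-includes/vars.php` taken from an untouched download of the WordPress version the site runs.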

The first sites containing malicious changes in AccessPress add-ons were identified in September 2021. It is assumed that this is when the backdoor was inserted into the add-ons. The first notification to AccessPress about the identified problem went unanswered, and AccessPress's attention was obtained only after the WordPress.org team was brought into the investigation. On October 15, 2021, the backdoor-affected archives were removed from the AccessPress site, and new versions of the add-ons were released on January 17, 2022.

Sucuri separately examined sites on which affected versions of AccessPress add-ons were installed and identified malicious modules, loaded through the backdoor, that send spam and redirect visitors to fraudulent sites (the modules were dated 2019 and 2020). It is assumed that the authors of the backdoor were selling access to compromised sites.

Themes in which the backdoor insertion was recorded:

  • accessbuddy 1.0.0
  • accesspress-basic 3.2.1
  • accesspress-lite 2.92
  • accesspress-mag 2.6.5
  • accesspress-parallax 4.5
  • accesspress-ray 1.19.5
  • accesspress-root 2.5
  • accesspress-staple 1.9.1
  • accesspress-sitolo 2.4.9
  • bungwe-lite 1.1.6
  • aplite 1.0.6
  • gawo 1.0.4
  • blogger 1.2.6
  • zomangamanga-lite 1.2.5
  • doko 1.0.27
  • mvetsetsa 1.3.5
  • fashstore 1.2.1
  • kujambula 2.4.0
  • gaga-Corp 1.0.8
  • gaga-lite 1.4.2
  • malo amodzi 2.2.8
  • parallax-blog 3.1.1574941215
  • parallaxsome 1.3.6
  • gawo 1.1.2
  • kuzungulira 1.3.1
  • kukwera 1.2.0
  • scrollme 2.1.0
  • Masewera amasewera 1.2.1
  • sitolovilla 1.4.1
  • swing-lite 1.1.9
  • woyambitsa 1.3.2
  • Lolemba 1.4.1
  • uncode-lite 1.3.1
  • unicon-lite 1.2.6
  • vmag 1.2.7
  • vmagazine-lite 1.3.5
  • vmagazine-nkhani 1.0.5
  • ziggy-mwana 1.0.6
  • zigcy-cosmetics 1.0.5
  • zigcy-lite 2.0.9

Plugins in which the backdoor insertion was found:

  • accesspress-anonymous-post 2.8.0 2.8.1 1
  • accesspress-custom-css 2.0.1 2.0.2
  • accesspress-custom-post-type 1.0.8 1.0.9
  • accesspress-facebook-auto-post 2.1.3 2.1.4
  • accesspress-instagram-feed 4.0.3 4.0.4
  • accesspress-pinterest 3.3.3 3.3.4
  • accesspress-social-counter 1.9.1 1.9.2
  • accesspress-social-zithunzi 1.8.2 1.8.3
  • accesspress-social-login-lite 3.4.7 3.4.8
  • accesspress-social-share 4.5.5 4.5.6
  • accesspress-twitter-auto-post 1.4.5 1.4.6
  • accesspress-twitter-feed 1.6.7 1.6.8
  • ak-menu-icons-lite 1.0.9
  • ap-mnzake 1.0.7 2
  • ap-mawu-fomu 1.0.6 1.0.7
  • ap-mwambo-umboni 1.4.6 1.4.7
  • ap-mega-menyu 3.0.5 3.0.6
  • ap-pricing-tables-lite 1.1.2 1.1.3
  • apex-notification-bar-lite 2.0.4 2.0.5
  • cf7-sitolo-ku-db-lite 1.0.9 1.1.0
  • ndemanga-letsa-kufikira 1.0.7 1.0.8
  • zosavuta mbali-tabu-cta 1.0.7 1.0.8
  • everest-admin-theme-lite 1.0.7 1.0.8
  • everest-coming-soon-lite 1.1.0 1.1.1
  • everest-comment-rating-lite 2.0.4 2.0.5
  • everest-counter-lite 2.0.7 2.0.8
  • everest-faq-manager-lite 1.0.8 1.0.9
  • everest-gallery-lite 1.0.8 1.0.9
  • everest-google-places-reviews-lite 1.0.9 2.0.0
  • everest-review-lite 1.0.7
  • everest-tab-lite 2.0.3 2.0.4
  • everest-timeline-lite 1.1.1 1.1.2
  • kuyitanira-ku-kuchita-omanga-lite 1.1.0 1.1.1
  • product-slider-for-woocommerce-lite 1.1.5 1.1.6
  • smart-logo-showcase-lite 1.1.7 1.1.8
  • smart-scroll-posts 2.0.8 2.0.9
  • smart-scroll-to-top-lite 1.0.3 1.0.4
  • Total-gdpr-compliance-lite 1.0.4
  • gulu lonse-lite 1.1.1 1.1.2
  • wolemba womaliza-bokosi-lite 1.1.2 1.1.3
  • womaliza-fomu-womanga-lite 1.5.0 1.5.1
  • woo-badge-designer-lite 1.1.0 1.1.1
  • wp-1-slider 1.2.9 1.3.0
  • wp-blog-manager-lite 1.1.0 1.1.2
  • wp-comment-designer-lite 2.0.3 2.0.4
  • wp-cookie-user-info 1.0.7 1.0.8
  • wp-facebook-review-showcase-lite 1.0.9
  • wp-fb-messenger-batani-lite 2.0.7
  • wp-yoyandama-menyu 1.4.4 1.4.5
  • wp-media-manager-lite 1.1.2 1.1.3
  • wp-popup-banner 1.2.3 1.2.4
  • wp-popup-lite 1.0.8
  • wp-product-gallery-lite 1.1.1

Source: opennet.ru
