
[closed] Blank Foo Drafts appearing from nowhere (30 posts)

  1. rawalex
    Member
    Posted 7 years ago #

    Using 2.2 or 2.2.1 - blogs with no other users allowed to post except myself, comments set for must be approved, etc.

    I am seeing posts get added as drafts with the title "Foo" and no text.

    I have seen this on a number of WP installs this week, which makes me wonder if someone hasn't found a hole and is trying to stuff posts onto other people's blogs?

    Maybe the same thing here:

    http://codex.wordpress.org/foo

  2. whooami
    Member
    Posted 7 years ago #

  3. rawalex
    Member
    Posted 7 years ago #

    Okay, bad example. But the drafts do appear inside my admin panel, when I go to write a post, it says "Drafts: Foo" and when I open the draft, it is just a title and blank. One site had 20 of them.

  4. whooami
    Member
    Posted 7 years ago #

    OK, so look at your server logs -- if you are the only admin, then only your IP should be seen accessing wp-admin/post.php, etc...

    Using 2.2..

    that's insecure - upgrade
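
    The log check suggested in the post above, worked through as an added example (this is not code from the thread or from WordPress): a small Python parser over Apache combined-format access log lines that lists every request to wp-admin/post.php (and wp-admin/upload.php, which comes up later in the thread) from an IP other than the admin's. The log lines, IP addresses, timestamps and site name below are constructed for the example; the set of "admin IPs" and the list of watched scripts are parameters you would fill in from your own setup.

```python
import re
from datetime import datetime
from typing import NamedTuple

# Constructed Apache "combined" log lines (not real traffic). For the example,
# 203.0.113.7 is assumed to be the lone admin's IP; 198.51.100.42 is not.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Aug/2007:09:12:01 +0000] "GET /wp-admin/post-new.php HTTP/1.1" 200 8123 "http://blog.example/wp-admin/" "Mozilla/5.0"
203.0.113.7 - - [01/Aug/2007:09:12:44 +0000] "POST /wp-admin/post.php HTTP/1.1" 302 0 "http://blog.example/wp-admin/post-new.php" "Mozilla/5.0"
198.51.100.42 - - [01/Aug/2007:13:40:17 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/4.0"
198.51.100.42 - - [01/Aug/2007:13:40:18 +0000] "POST /wp-admin/post.php HTTP/1.1" 302 0 "-" "Mozilla/4.0"
198.51.100.42 - - [01/Aug/2007:13:40:19 +0000] "POST /wp-admin/upload.php HTTP/1.1" 200 312 "-" "Mozilla/4.0"
203.0.113.7 - - [01/Aug/2007:14:02:05 +0000] "GET /wp-admin/edit.php HTTP/1.1" 200 9001 "http://blog.example/wp-admin/" "Mozilla/5.0"
"""

# Apache combined log format: ip ident user [timestamp] "METHOD path proto" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


class Hit(NamedTuple):
    ip: str
    when: datetime
    method: str
    path: str
    status: int
    referer: str


def parse_line(line):
    """Parse one combined-format line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    when = datetime.strptime(m['ts'], '%d/%b/%Y:%H:%M:%S %z')
    path = m['path'].split('?', 1)[0]  # drop any query string before comparing paths
    return Hit(m['ip'], when, m['method'], path, int(m['status']), m['referer'])


def suspicious_admin_hits(log_text, admin_ips,
                          watched=('/wp-admin/post.php', '/wp-admin/upload.php')):
    """Return every request to a watched wp-admin script from an IP not in admin_ips."""
    out = []
    for line in log_text.splitlines():
        hit = parse_line(line)
        if hit is None:
            continue
        if hit.path in watched and hit.ip not in admin_ips:
            out.append(hit)
    return out


def ips_seen_in_wp_admin(log_text):
    """The blunt version of the check: every client IP that touched anything under /wp-admin/."""
    ips = set()
    for line in log_text.splitlines():
        hit = parse_line(line)
        if hit and hit.path.startswith('/wp-admin/'):
            ips.add(hit.ip)
    return ips


if __name__ == '__main__':
    for h in suspicious_admin_hits(SAMPLE_LOG, {'203.0.113.7'}):
        print(f"{h.when.isoformat()} {h.ip} {h.method} {h.path} -> {h.status} "
              f"referer={h.referer or '-'}")
```

    On the constructed sample this reports the two POSTs from 198.51.100.42. One caveat when reading real logs: the check only catches requests that arrive from a foreign address. A request that is forged through the admin's own logged-in browser (a cross-site request, for instance) shows up with the admin's IP and the site's own cookies, so an empty referer or an odd user-agent on a post.php hit from the admin IP is worth a second look too.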

  5. rawalex
    Member
    Posted 7 years ago #

    Read the above post... seeing the same issue on 2.2 and 2.2.1 (I have about 50 instances of wordpress running).

  6. whooami
    Member
    Posted 7 years ago #

    I don't need to read it -- I already read it. Re-reading it won't change what I said :)

  7. rawalex
    Member
    Posted 7 years ago #

    Okay, so what is the upgrade past 2.2.1 ?

  8. whooami
    Member
    Posted 7 years ago #

    past 2.2.1? there's an svn if you are so inclined..

    You wrote:

    Using 2.2 or 2.2.1 - ...

    I was addressing the 2.2 installs.

  9. rawalex
    Member
    Posted 7 years ago #

    The issue occurs on both of them, so I don't think this relates to 2.2's security issues.

  10. whooami
    Member
    Posted 7 years ago #

    OK, we are going to start over.

    1. I read your posts

    2. in one, you indicated that you might be using wordpress 2.2 -- therefore I am suggesting that you upgrade any blogs that are using that version, irrespective of whether or not you happen to think it might be related.

    2b. Running an already insecure version of WordPress and coming here to ask a "question" where you indicate it might be a "hole", is a bit like my leaving my car running, and then coming to the police after it's been stolen out of my driveway. Don't ya think.

    3. if you feel like this is a security issue then look at your logs

    --

    If you have a security concern, and wish to address it more - here ya go: e-mail: security@wordpress.org

  11. rawalex
    Member
    Posted 7 years ago #

    Thanks for your reply. It certainly helps me to track this issue down. I will remember this always.

  12. rawalex
    Member
    Posted 7 years ago #

    http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/

    Thanks for your concern on this issue, it looks like someone else has exposed the hole.

    Enjoy.

  13. judaz
    Member
    Posted 7 years ago #

    Today I too had a few drafts named "foo" in my admin account (WP 2.2). Thanks to rawalex for trying to track this down. Seems whooami had a grumpy day, but he has blogged about it now:
    http://www.village-idiot.org/archives/2007/08/02/wordpress-security-issues/

    Have a nice day, all of you.

  14. whooami
    Member
    Posted 7 years ago #

    I'm a she, so don't presume you know me.

    And hardly grumpy, so I don't know where you get that from. Possibly because I 'admonish' users from allowing an UNTRUSTED THIRD PARTY web site such as the one rawalex linked to above to execute code changes on their sites? Funny.

    I've read the posts, and the comments on that site, and ironically, the web master calls out sites such as secunia as scrapers and untrustable.

    M: I haven’t read any Article at Securityfocus, but how about undoing the changes you did to your wordpress code and then launching the worm again?

    Never trust these 3rd Party “Security” Sites like Securityfocus or Secunia. They are all the same, scraping the Content, publishing the exploits and filing them without any backlinks to the sources.

    The irony in that remark didn't get lost on me, I assure you, especially when he is asking users that don't know who the hell he is, to allow HIM remote access.

    MY post addresses ALL the changes and ALL the files for versions 2.0.x and 2.2.x and is very straight forward. All of the issues have been addressed in the SVN, which I linked to.

    1. Grab file -- upload. Done.

    You have a nice day.

  15. rawalex
    Member
    Posted 7 years ago #

    Once again, I really hate going in circles, but I checked and ALL of my current versions are 2.2.1 and I once again saw "foo" posts added in the last 24 hours.

    As for the content of the site I linked to, I didn't download or execute any code from them, but rather linked to the site to show that there are potentially issues.

    That it took a week and SOMEONE ELSE to post a link to your own blog with the solution makes me wonder what the heck you are thinking. Perhaps you enjoy publicly spanking mere "users" as opposed to coders? Might I suggest spanking the coders for a while so they stop leaving gaping holes in their code?

  16. whooami
    Member
    Posted 7 years ago #

    That it took a week and SOMEONE ELSE to post a link to your own blog with the solution makes me wonder what the heck you are thinking

    what IS your fricken problem? I have no personal issue with you. I simply won't link to a site that suggests using a worm, friendly or not. AND I wasn't even replying to you.

    1. It didn't take a week, it took a damn hour from the time of my blog post.
    2. Someone else did it because I don't whore posts here unless they're related to my plugins.

    As for spanking coders, I've taken matt to task on several occasions publicly -- both here and on my own site.

    So go worry about your problem, instead of taking whatever stress you feel out on other ppl.

    --------

    the upgrade past 2.2.1 is on the svn and I'll add, just to be informative, that the sandbox, which is tagged as 2.3.something does not appear to have the edits committed to it.

    For instance, I still see:

    $cat_id = $_POST['cat_id'];
    if (($cat_id == '') || ($cat_id == 0)) {
        $cat_id = 1;
    }

    which is clearly changed in the 2.2 trunk.

  17. whooami
    Member
    Posted 7 years ago #

    actually, I have to correct myself, 2.3-alpha (the trunk) does have those fixes applied. My apologies.

  18. rawalex
    Member
    Posted 7 years ago #

    whooami, you have made it clear the rest of us don't merit the time or the attention. It is also clear by today's release of the 2.2.2 update that this was an actual hole, likely triggered through upload.php.

    If you have the urge to be condescending, I would suggest you try it on a family member first. When it doesn't work with them, consider it a plan to NOT try it on people you don't know.

    My only frustration is dealing with people who think they are too well informed and too mighty to deal with end users. If you don't like dealing with us, why post rude comments?

  19. whooami
    Member
    Posted 7 years ago #

    whatever rawalex,
    My only frustration is with people like you --

    Look at the first SIX posts in this forum. My responses were completely in line with the information you provided. I EVEN suggested, rightfully so, that you contact people that might actually help you (that would be the email address I provided you).
    Maybe you haven't gleaned this yet but Matt, et al, spend little if any time reading threads here.

    --

    No matter that you originally came here running a totally obsolete version of WordPress to begin with -- I point that out, using a perfect metaphor and YOU get pissy?

    I'm not the one hacking your site, you dolt. I'm the one that gave you GOOD advice.

    --

    So then, lets see, later in this thread, you attack me for a reply I clearly intended for someone other than yourself..

    And I'm the one that's being condescending.

    For the record, now that you have asked, I've decided it's just YOU I don't like dealing with.

    You wanted a magic solution to your problem, or so it seems..

    1. I provided what I could.

    You don't like that, here is what I say:

    TOUGH CRAP!

  20. IcelandDream
    Member
    Posted 7 years ago #

    what was the question? :)

  21. rawalex
    Member
    Posted 7 years ago #

    The question isn't relevant anymore, fixed in 2.2.2.

    I am starting to realize that there are people posting here acting as support people when they are just other end users.

    I'll know better than to ask a question in this forum in the future.

  22. mrmist
    Forum Janitor
    Posted 7 years ago #

    I am starting to realize that there are people posting here acting as support people when they are just other end users.

    Yep. Isn't that the point though?

  23. whooami
    Member
    Posted 7 years ago #

    mrmist,

    apparently it's been lost on rawalex that this support forum is comprised of ALL end users. :)

    Developers offer paid support from what I've heard, though I've been told that it runs $85.00 an hour with a 3 hour minimum.

  24. IcelandDream
    Member
    Posted 7 years ago #

    Support people? What company was that again? Oh, user to user support. I'm just a user.

    I'll know better than to ask a question in this forum in the future.

    And I'll know better than to try helping I guess.

  25. rawalex
    Member
    Posted 7 years ago #

    Support - as in the people who wrote the code (and release the code) helping out the people who use their code.

    I came to a support forum. If I wanted to go to a "chat with other wordpress users" I would have looked for that type of a forum.

    IcelandDream, read closely the entire "help" I got from whoooami: "upgrade to the lastest version" when I repeated that the problem was happening on the latest version. That is pretty mindless.

    I feel somewhat better understanding that the problem I was having was addressed in this morning's software update. You know software updates, where the $85 an hour developers do their work.

    WordPress should rename this forum to "the blind leading the blind" forum, and keep the term support for things that are done in a somewhat more official manner.

  26. whooami
    Member
    Posted 7 years ago #

    rawalex,

    dude, GET OVER IT. I explained very clearly that I was suggesting that for YOUR admittedly OLDER versions -- I can paste it, if need be, to remind you:

    ...in one, you indicated that you might be using wordpress 2.2 -- therefore I am suggesting that you upgrade any blogs that are using that version, irrespective of whether or not you happen to think it might be related.

    --

    Go away already if you don't like it here, and don't like the answers you get. No-one is pleading that you stay.

    So far, all you have done is cry and complain. And the damn irony in your attitude is that I am the ONLY one that even attempted to address you. Why don't you run off at the keyboard at the thousands of people that completely ignored you?

    -----

    ya know, I'm wasting time on a guy that has links to teen porn on his site -- you're a REAL class, aren't you raw.. It is absolutely fascinating how much you can find out about someone's character when you google them.

    wow.

  27. IcelandDream
    Member
    Posted 7 years ago #

    IcelandDream, read closely the entire "help" I got ....

    um, no. I'm not here to analyze and judge.

    bye bye.

  28. rawalex
    Member
    Posted 7 years ago #

    Links to teen porn? You don't get it... I'm in the adult business. You can manage your one blog, and I'll manage my 50 blogs and there ya go. If you are going to look down your nose at adult material, well... that's your issue and not mine. I don't look at your blog(s) and complain about your posts, although linking to "village idiot" almost seems too classic to comment on.

    I clearly stated that the problem occurred on BOTH versions 2.2 and 2.2.1. If the problem was limited ONLY to 2.2, then the upgrade answer would be good. But since I saw the same problem on both versions, the clue is that it isn't related to something fixed in that upgrade. With 50 upgrades to do, some domains will slip a little while until I get around to them. I looked closely to make sure it wasn't related to an out of date version.

    Proof in the pudding is that the fixes in 2.2.2 appear to be aimed at this exact problem.

    I am just disappointed to realize that the "support" board isn't support at all. Perhaps the powers that be at wordpress.org might consider renaming the forum to reflect more of its "users helping users" rather than being direct product support.

    ... and now off to update the remaining 30 or so installations that need to be updated to this week's version.

  29. mrmist
    Forum Janitor
    Posted 7 years ago #

    After all of this though, the answer to your problem is to upgrade to the very latest version (2.2.2).

    Admittedly that wasn't available when whooami suggested that you upgrade your outdated copies of the program, but the central thinking behind her answer still applies, and now fixes your issue.

    If your 50 upgrades cause you trouble, you could always employ someone to upgrade them for you. No doubt the adult business you are in pays well.

  30. whooami
    Member
    Posted 7 years ago #

    You're thick-skulled, aren't you. You honestly deserve to pay for support.

    As for your line of work - I already KNOW what you do, I googled you. I suppose it's quite commonplace in the adult business to advertise teen porn. No big surprise, really, that you're a skank.
