BackUpWordPress
[resolved] Heads Up (4 posts)

  1. AITpro
    Member
    Posted 2 years ago

    I was able to beat this relatively quickly and compromise a test site.

    define( 'HMBKP_SECURE_KEY', md5( ABSPATH . time() ) );

    I was not able to compromise the test site by changing this code.

    $contents[] = '# ' . sprintf( __( 'This %s file ensures that other people cannot download your backup files.', 'hmbkp' ), '.htaccess' );
    $contents[] = '';
    //$contents[] = '<IfModule mod_rewrite.c>';
    //$contents[] = 'RewriteEngine On';
    //$contents[] = 'RewriteCond %{QUERY_STRING} !key=' . HMBKP_SECURE_KEY;
    //$contents[] = 'RewriteRule (.*) - [F]';
    //$contents[] = '</IfModule>';
    $contents[] = 'order deny,allow';
    $contents[] = 'deny from all';
    $contents[] = '';

    http://wordpress.org/extend/plugins/backupwordpress/

  2. Tom Willmot
    Human Made
    Plugin Author

    Posted 2 years ago

    Hey there,

    Thanks for flagging this, could you email me at tom@hmn.md so we can carry this conversation on in private.

    Kind Regards,

    Tom Willmot

  3. Tom Willmot
    Human Made
    Plugin Author

    Posted 2 years ago

    Just to follow up here, I've been working with AITpro off-list.

    Ultimately it led to an improvement in how the HMBKP_SECURE_KEY is generated which would make his approach impossible.

    I'll release this in the next release; it's a minor security hardening issue.
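To make concrete the weakness AITpro points at in post 1 (the key is `md5( ABSPATH . time() )`, so its only inputs are the install path and the second at which the define() first ran) and to contrast it with the kind of key a hardened generation would produce (post 3 says the generation was improved but not how, so the CSPRNG version below is an assumption, not the plugin's actual change), here is an added example. It is not code from BackUpWordPress or from either poster. The install paths, the activation timestamp and the simulated `$oracle` are constructed, and `hmbkp_style_key()`, `guess_key()` and `random_secure_key()` are names chosen here.

```php
<?php
// Added example for this thread; not code from BackUpWordPress or from
// either poster. Shows why md5( ABSPATH . time() ) is guessable and what
// a CSPRNG-generated key looks like. All data below is constructed.

declare(strict_types=1);

// The derivation quoted in post 1: the only inputs are the install path
// and the Unix second at which the define() first ran.
function hmbkp_style_key(string $abspath, int $timestamp): string
{
    return md5($abspath . $timestamp);
}

// Attacker-side search (name chosen here). $oracle stands in for the
// server's check: with the original .htaccess rewrite rules a request is
// served only if the query string contains key=<HMBKP_SECURE_KEY>, so each
// call to $oracle corresponds to one HTTP request. Assumptions: ABSPATH is
// one of a few conventional hosting paths (it is frequently disclosed by
// PHP warnings) and the activation time is known to within a window.
function guess_key(callable $oracle, array $candidate_paths, int $window_start, int $window_end): ?array
{
    $tries = 0;
    for ($t = $window_start; $t <= $window_end; $t++) {
        foreach ($candidate_paths as $path) {
            $tries++;
            $candidate = hmbkp_style_key($path, $t);
            if ($oracle($candidate)) {
                return ['key' => $candidate, 'abspath' => $path, 'time' => $t, 'tries' => $tries];
            }
        }
    }
    return null;
}

// Hardened generation (an assumption for this example, not the plugin's
// actual change): 32 bytes from the OS CSPRNG, independent of anything an
// outsider can observe or enumerate.
function random_secure_key(): string
{
    return bin2hex(random_bytes(32));
}

// --- demonstration on constructed data ---
$abspath    = '/var/www/html/';   // constructed: a typical install path
$activated  = 1354320000;         // constructed: Unix time of activation
$victim_key = hmbkp_style_key($abspath, $activated);

// Simulated server: accepts a request iff the key matches exactly.
$oracle = static fn(string $k): bool => hash_equals($victim_key, $k);

// Three conventional paths over a one-day window around the guessed
// activation time: at most 86,401 * 3 = 259,203 guesses in total.
$paths = ['/var/www/html/', '/var/www/', '/home/user/public_html/'];
$hit   = guess_key($oracle, $paths, $activated - 43200, $activated + 43200);

echo "victim key : {$victim_key}\n";
echo "recovered  : " . ($hit === null
    ? 'not found'
    : "{$hit['key']} (abspath={$hit['abspath']}, time={$hit['time']}, tries={$hit['tries']})") . "\n";
echo "random key : " . random_secure_key() . " (2^256 possibilities; no window to search)\n";
```

The search space of the original scheme is (number of plausible paths) x (width of the time window in seconds), which is small enough to walk through even when every guess is a separate request, and the rewrite rule performs no rate limiting or lockout. A key drawn from `random_bytes()` has no such structure, which is what makes a guessing approach impossible rather than merely slower. The variant AITpro could not beat in post 1 sidesteps the question entirely by replacing the key check with `deny from all`, so the backup directory is not reachable over HTTP at all.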

  4. AITpro
    Member
    Posted 2 years ago

    "Improvement" is an understatement - Your solution is absolutely brilliant!

Topic Closed

This topic has been closed to new replies.
