Tuesday, July 2, 2024

Indexing Over 15 Million WordPress Websites with PWNPress

Sicuranex's PWNPress is a platform that has indexed over 15 million WordPress websites, collecting data on their vulnerabilities and misconfigurations.

Sicuranex, a cybersecurity company, built the PWNPress service on top of the extensive Common Crawl dataset, pushing the limits of large-scale data analysis. The work involved parsing the entire Web Archive Text (WAT) dataset, a 21 TiB repository, to identify WordPress installations around the world.

Harness the power of data

PWNPress believes that data is the key to discovering vulnerabilities and strengthening WordPress websites. To achieve this, our team carefully compared our extensive collection of WordPress installations against a comprehensive Common Vulnerabilities and Exposures (CVE) database. The analysis covers the WordPress core version, plugin versions, PHP version and web server type of each installation, and provides valuable insight into potential security risks and vulnerabilities.
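As an added illustration of the indexing step described above (example code written for this page, not Sicuranex's or PWNPress's own tooling), the following Python function reads one record laid out like a Common Crawl WAT entry and pulls out the fields the analysis compares: WordPress core version, plugin versions, PHP version, web server type and the pingback endpoint. The record, host names, versions and plugin slug are constructed for the example; the WordPress indicators it checks (the X-Pingback header, the api.w.org Link header, the generator meta tag and wp-content asset paths) are real WordPress fingerprints.

```python
import json
import re
from typing import Optional

# Constructed sample laid out like the fields of a Common Crawl WAT entry that
# this scanner reads (a real WAT record carries many more fields). The host,
# versions and plugin slug are made up for the example.
SAMPLE_WAT_RECORD = json.dumps({
    "Envelope": {
        "WARC-Header-Metadata": {"WARC-Target-URI": "https://blog.example/"},
        "Payload-Metadata": {
            "HTTP-Response-Metadata": {
                "Headers": {
                    "Server": "nginx/1.24.0",
                    "X-Powered-By": "PHP/8.1.2",
                    "X-Pingback": "https://blog.example/xmlrpc.php",
                    "Link": '<https://blog.example/wp-json/>; rel="https://api.w.org/"',
                },
                "HTML-Metadata": {
                    "Head": {
                        "Metas": [{"name": "generator", "content": "WordPress 6.4.3"}],
                        "Link": [
                            {"url": "https://blog.example/wp-content/themes/twentytwentyfour/style.css?ver=6.4.3",
                             "rel": "stylesheet"},
                            {"url": "https://blog.example/wp-content/plugins/example-gallery/css/gallery.css?ver=2.1.0",
                             "rel": "stylesheet"},
                        ],
                    }
                },
            }
        },
    }
})

# Constructed non-WordPress record, used to show the negative case.
SAMPLE_NON_WP_RECORD = json.dumps({
    "Envelope": {
        "WARC-Header-Metadata": {"WARC-Target-URI": "https://static.example/"},
        "Payload-Metadata": {"HTTP-Response-Metadata": {"Headers": {"Server": "Apache"}}},
    }
})

PLUGIN_ASSET = re.compile(r"/wp-content/plugins/([^/]+)/.*?[?&]ver=([\d.]+)")


def fingerprint_wat_record(raw: str) -> Optional[dict]:
    """Return a WordPress fingerprint for one WAT record, or None if the
    page shows no WordPress indicators."""
    rec = json.loads(raw)
    env = rec["Envelope"]
    url = env.get("WARC-Header-Metadata", {}).get("WARC-Target-URI", "")
    http = env.get("Payload-Metadata", {}).get("HTTP-Response-Metadata", {})
    headers = {k.lower(): v for k, v in http.get("Headers", {}).items()}
    head = http.get("HTML-Metadata", {}).get("Head", {})
    metas = head.get("Metas", [])
    asset_urls = [link.get("url", "") for link in head.get("Link", [])]

    generator = next(
        (m.get("content", "") for m in metas if m.get("name", "").lower() == "generator"), "")

    # Independent indicators; any one of them is enough to call the site WordPress.
    evidence = []
    if "x-pingback" in headers:
        evidence.append("X-Pingback header")
    if "api.w.org" in headers.get("link", ""):
        evidence.append("REST API Link header")
    if generator.lower().startswith("wordpress"):
        evidence.append("generator meta tag")
    if any("/wp-content/" in u for u in asset_urls):
        evidence.append("wp-content asset")
    if not evidence:
        return None

    core = re.match(r"wordpress\s+([\d.]+)", generator, re.I)
    php = re.search(r"php/([\d.]+)", headers.get("x-powered-by", ""), re.I)

    # The ?ver= query on plugin assets is usually the plugin's own version, but
    # a plugin may pass another value there, so treat it as a hint, not a fact.
    plugins = {}
    for u in asset_urls:
        m = PLUGIN_ASSET.search(u)
        if m:
            plugins[m.group(1)] = m.group(2)

    return {
        "url": url,
        "core_version": core.group(1) if core else None,
        "php_version": php.group(1) if php else None,
        "server": headers.get("server"),
        "pingback_endpoint": headers.get("x-pingback"),
        "plugins": plugins,
        "evidence": evidence,
    }
```

The generator tag and X-Powered-By header are routinely stripped by hardened sites, so a real scan should expect many records with a confirmed WordPress fingerprint but no version at all; those still count as installations, just ones that cannot be matched against version-specific CVEs.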

Pingback: Risk Amplification

To understand the WordPress ecosystem, we looked at active pingback endpoints. Pingbacks are the mechanism WordPress sites use to notify other sites when they link to their content: the linking site sends a pingback.ping XML-RPC request to the other site's xmlrpc.php endpoint. Pingbacks can be a useful feature, but malicious actors can abuse them to perform amplified Distributed Denial of Service (DDoS) attacks.

The attacker sends each pingback-enabled site a pingback request whose source URL points at the victim. Every site that receives it fetches that URL to verify the link, so the victim is hit by requests from a large number of legitimate WordPress sites rather than from the attacker's own address. This reflection technique takes advantage of the interconnected nature of WordPress sites to amplify the impact of a DDoS attack.
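To make the mechanism concrete, here is an added Python example, not part of the original post and not PWNPress's code. It builds the pingback.ping request an attacker sends to a reflector, interprets the reflector's XML-RPC reply, and shows what the victim can learn from its own access log: WordPress fetches the source URL with a User-Agent of the form `WordPress/<version>; <site URL>; verifying pingback from <address>`, so the victim can count the reflecting sites and read the address each reflector says the pingback came from. Host names, addresses, the sample replies and the log lines are all constructed.

```python
import re
import xmlrpc.client
from collections import Counter


def build_pingback_request(source_uri: str, target_uri: str) -> str:
    """XML-RPC body for pingback.ping(sourceURI, targetURI).

    The receiving WordPress site fetches sourceURI to check that it really
    links to targetURI. In an attack, sourceURI is the victim and targetURI
    is any post on the reflector, so every reflector fetches the victim.
    """
    return xmlrpc.client.dumps((source_uri, target_uri), methodname="pingback.ping")


def parse_pingback_response(body: str) -> dict:
    """Interpret a reflector's reply: a string on success, a <fault> otherwise."""
    try:
        params, _ = xmlrpc.client.loads(body)
        return {"ok": True, "message": params[0]}
    except xmlrpc.client.Fault as fault:
        return {"ok": False, "fault_code": fault.faultCode,
                "fault_string": fault.faultString}


# Constructed replies in the shape WordPress returns (the success text is the
# wording WordPress uses; the URLs are made up).
SAMPLE_OK_RESPONSE = xmlrpc.client.dumps(
    ("Pingback from https://victim.example/ to https://reflector.example/hello-world/ "
     "registered. Keep the web talking! :-)",), methodresponse=True)
SAMPLE_FAULT_RESPONSE = xmlrpc.client.dumps(
    xmlrpc.client.Fault(16, "The source URL does not exist."), methodresponse=True)

# WordPress fetches the source URL with its normal User-Agent plus the address
# it received the pingback from; that is what the victim sees in its log.
PINGBACK_UA = re.compile(
    r"^WordPress/(?P<version>[\d.]+); (?P<home>\S+); verifying pingback from (?P<origin>\S+)$")
LOG_LINE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$')

# Constructed access-log lines (combined log format) as the victim of a
# reflected pingback flood would see them; hosts and addresses are made up.
SAMPLE_VICTIM_LOG = [
    '192.0.2.10 - - [02/Jul/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 51200 "-" '
    '"WordPress/6.4.3; https://site-a.example; verifying pingback from 203.0.113.77"',
    '192.0.2.11 - - [02/Jul/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 51200 "-" '
    '"WordPress/6.2.2; https://site-b.example; verifying pingback from 203.0.113.77"',
    '198.51.100.9 - - [02/Jul/2024:10:00:02 +0000] "GET /about/ HTTP/1.1" 200 8000 "-" '
    '"Mozilla/5.0 (X11; Linux x86_64) Firefox/127.0"',
    '192.0.2.12 - - [02/Jul/2024:10:00:02 +0000] "GET / HTTP/1.1" 200 51200 "-" '
    '"WordPress/6.5.5; https://site-c.example; verifying pingback from 203.0.113.77"',
]


def detect_reflected_pingbacks(lines) -> dict:
    """Count pingback verification fetches, list the distinct reflecting sites,
    and tally the addresses the reflectors report the pingback came from."""
    fetches = 0
    reflectors = set()
    origins = Counter()
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        ua = PINGBACK_UA.match(m["ua"])
        if not ua:
            continue  # ordinary visitor, not a pingback verification fetch
        fetches += 1
        reflectors.add(ua["home"])
        origins[ua["origin"]] += 1
    return {"pingback_fetches": fetches, "reflectors": sorted(reflectors),
            "origins": dict(origins)}
```

The reported origin is whatever each reflector saw as the client address of the pingback request, so behind a proxy or VPN it points at the exit node rather than the attacker's own machine; it is still the single most useful field for correlating a flood that otherwise arrives from thousands of unrelated sites.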

We have collected 2,178,478 active pingback endpoints!

At PWNPress, we want to assure our users that we prioritize privacy and data protection. We have collected a massive data set of over 2 million active pingbacks from WordPress websites, but we want to highlight the following: we do not export or disclose any specific information about these pingbacks. Our focus is to use this data for research and security purposes within ethical boundaries.

However, it is important to acknowledge the potential for malicious use of the pingback function. In the hands of malicious actors, pingbacks can be used for amplified distributed denial of service attacks. Website owners and administrators are strongly advised to be aware of these risks and to take the necessary precautions, such as disabling or limiting the pingback feature when it is not needed.

For example, as shown in the following video, we ran an experiment in which we triggered pingbacks to our own website, pwnpress.io, exclusively from WordPress websites under the Italian government domain "gov.it". The purpose was to demonstrate the potential reach and effectiveness of pingbacks against a chosen target. As shown, the pingbacks successfully reached the website: 12 requests were received from 24 different "gov.it" websites.

Imagine the potential impact at the hands of a malicious actor with access to over 2 million active pingbacks.

If you’d like to learn more about the WordPress pingback problem and its connection to denial of service (DoS) attacks, we’ve compiled a list of reputable references for further exploration.


Pierluigi Paganini

(SecurityAffairs - hacking, PWNPress)
