Online Security » Site Updates

Top 100K Sites WordPress Usage Infographic

admin — Mon, 22 Aug 2011 13:08:12 +0000

WordPress.org have a post up detailing the “state of the word”.

Around the same time we have been putting a wordpress infographic that highlights some of the findings from our analysis of wordpress usage among the top 100K sites (as rated by Alexa).

WordPress Usage in the Top 100K Infographic

Winter Updates

admin — Wed, 13 Jul 2011 03:49:10 +0000

Being mid-winter down here in Sydney, its been a time to hunker down and drink copious amounts of coffee.

While doing that we have also pushed out many changes and updates to the scanning system and site.

Backend, bug fixes in some of the backend scans. Improvements to other scans including improved results layout and more security checks.
Theme Refresh, we have stuck with the same Wootheme but have tidied up and done some updates. Hopefully the options and information is now clearer making it easier for you to get on with scanning and securing your systems.
Look out for upcoming exploitation demonstration posts and tutorials for the security newbies.

If you find any bugs, drop us a line.

Secure WordPress

admin — Thu, 26 May 2011 00:18:49 +0000

WordPress Scanner is the latest tool added to our kit. It can be used to test the security of your wordpress installation from an external perspective. No plugin installation is required, our systems will do an external passive analysis of your wordpress installation and highlight wordpress security issues along with recommendations to improve the security of your installation.

Did you know that wordpress is the most popular web publishing platform? When looking at the Top 1 Million sites it is well ahead of other big players such as the Google owned Blogger and open source frameworks such as Joomla and Drupal. In March HackerTarget.com produced a report on the popularity of technologies in the Alexa Top 1 Million Sites.

Operating a secure WordPress installation is not a difficult task, it does require a small amount of work to stay on top of things, afterall with WordPress being so popular the security is constantly being tested.

Tips for securing your WordPress CMS

Back It Up – Be ready to lose it all at anytime. If you have an up to date backup restoring is much easier

Keep WordPress System up to date

Keep all Plugins up to date

Beware of untrusted Themes

Rename admin account to a non-generic name

Use strong passwords ( a dictionary word with a number after it is not a strong password! )

Keep your password safe! Do not re-use it on other sites.

Ensure you have up to date AV on your Windows Machine. Malware collects passwords.

The underlying server must be well managed and in a secure state

VPS or Dedicated server? Set up server monitoring (ossec.net is a good start)

There are a multitude of guides to securing your WordPress installation, in the mean time why not test your sites security now with our easy to use online scanner.

New OpenVas Report Option

admin — Thu, 05 May 2011 03:14:54 +0000

OpenVas is one the most popular tools we have online, and is an excellent way to perform a thorough vulnerability scan of a system to determine if there are any security issues or holes present.

We have in the past couple of weeks added a new “Enhaned PDF” reporting option to our scanner, that is a simple wrapper script around the html report. The idea is that it provides an easy to read and more understandable format for some of our less technical users, or those who would like to pass the report with the nice charts onto management.

In addition it does some basic data and geoip collection around the IP address and includes this in a map format.

If you have any further ideas or comments let us know.

Online OpenVas Scan

sqlmap 0.9 added to online security scans

admin — Wed, 20 Apr 2011 09:22:39 +0000

Latest update to the site tools is the addition of the new SqlMap 0.9 release to the sql injection test page.

This is a tool that takes SQL Injection to the next level and beyond. While our online scan tests for Sql Injection in HTTP GET requests, this is only the beginning. This tool can exploit sql injection to give the tester an full operating system access either via an inserted shell or by external command execution. Does not matter if you are on Windows or Linux it can do both.

All the details are on the main site. Or here is a quick list of improvements:

Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, SQLite, Firebird, Sybase and SAP MaxDB database management systems.
Full support for five SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query and stacked queries.
Support to directly connect to the database without passing via a SQL injection, by providing DBMS credentials, IP address, port and database name.
Support to enumerate database users, users’ password hashes, users’ privileges, users’ roles, databases, tables and columns.
Automatic recognition of password hashes format and support to crack them with a dictionary-based attack.
Support to dump database tables entirely, a range of entries or specific columns as per user’s choice. The user can also choose to dump only a range of characters from each column’s entry.
Support to search for specific database names, specific tables across all databases or specific columns across all databases’ tables. This is useful, for instance, to identify tables containing custom application credentials where relevant columns’ names contain string like name and pass.
Support to download and upload any file from the database server underlying file system when the database software is MySQL, PostgreSQL or Microsoft SQL Server.
Support to execute arbitrary commands and retrieve their standard output on the database server underlying operating system when the database software is MySQL, PostgreSQL or Microsoft SQL Server.
Support to establish an out-of-band stateful TCP connection between the attacker machine and the database server underlying operating system. This channel can be an interactive command prompt, a Meterpreter session or a graphical user interface (VNC) session as per user’s choice.
Support for database process’ user privilege escalation via Metasploit’s getsystem command which inclhttp://testphp.vulnweb.com/artists.php?artist=2ude, among others, the kitrap0d technique ( MS10-015).

Have a look at the help file on the scan page for a sample run against the Acunetix Test Site.

Web Tech 2011 – Part 2

admin — Thu, 07 Apr 2011 06:42:21 +0000

Now available is Part 2 of our Web Tech Report 2011 data mining project. We have compared the results of the most popular web technologies of the Top 1 Million Web Sites with the most popular Technologies in use by the Forbes Fortune 1000 US Corporations.

There is a clear preference by the largest corporations to build systems around proprietary technology, as opposed to top million where the preference is for open source based solutions. See the full reports for details.

See the following chart for a comparison of our numbers comparing the results from the Alexa Top 1 Million Survey, the results from this report and the results from the ongoing web server report from Netcraft.

Full details are in the linked report:
Download from HackerTarget.com
or
View online at Scribd

Web Tech 2011 Report

admin — Mon, 28 Mar 2011 10:27:02 +0000

The HackerTarget.com Web Tech 2011 Report has just been released. This is the first edition of the report and aims to provide insight into the web technologies in use by the worlds most popular websites. Based on the Alexa top 1 million sites; content management system popularity, web servers, server side scripting, web development frameworks, client side scripting and other detected technologies have all been assessed.

Data was collected by running whatweb from morningstar security against the Alex 1 million top sites.

* Note the report was updated on 7/4/11 due to a data parsing error that resulted in some sites with no English characters in the Title having some data missed. Links below have been updated.

Full details are in the linked report:
Download from HackerTarget.com
or
View online at Scribd.

dnsdumpster.com launched for osint recon

admin — Tue, 08 Feb 2011 02:34:56 +0000

DNSDumpster.com is the latest reporting tool from HackerTarget.com. We have built an open source intelligence gathering tool that will profile a domain name and produce an easy to read report about related systems and publicly available information about that domain.

If you want more information have a look at the about page; otherwise head over and give it a spin!

Ubuntu 10.04 LTS Apache to Nginx and other updates

admin — Tue, 08 Feb 2011 02:25:10 +0000

It has been a busy week here; firstly we have migrated our main web site hosting from Slicehost to Linode. Better price and performance being the main reason. I have had no problems with Slicehost having been with them since before the Rackspace takeover. On the other hand I have heard only good things from Linode and you get more bang for buck memory wise over at Linode.

As part of the move in a bid to squeeze more performance out of our WordPress front end, we have moved from ubuntu 8.04 LTS to ubuntu 10.04 LTS and from Apache to Nginx with php-fast-cgi. After reading up on the differences, performance wise nginx seems to give a significant boost.

There was no outage to our scanning services or web site during the move. For those interested this guide came in handy http://library.linode.com/lemp-guides/ubuntu-10.04-lucid/, a few tweaks to the server config files and we were off and running.

Hack your org in 60 minutes

admin — Thu, 06 Jan 2011 04:30:22 +0000

Often times the users of HackerTarget.com are not experts in the realm of vulnerability assessments. In fact many are not sure where to start and are confronted with a bunch of free tools available online for immediate use. The tools have a variety of different uses leaving beginners unsure of where to begin.

I have put together a quick flow of the general process that one would follow to assess a domain name. This will you to discover various systems associated with the domain name, and assuming you have permission each of those can be assessed for security issues by following this flow.

If you are interested in a more comprehensive security vulnerability assessment methodology we highly recommended the recently released version 3 of the OSTMM – Open Source Security Testing Methodology Manual.

For those who want to dig in and get a quick overview of the security of their organisation, have a look at this flowchart, hit our scan pages and get hacking.