ProjectX Social Media and News

Pinoy Black Hat Blog Got Owned with TimThumb Vulnerability

pinoyblackhat

Pinoy Black Hat Blog got owned by Dr. BR8 using a Remote Code Execution because of the TimThumb vulnerability in his WordPress blog. It is totally unacceptable that a blog that talks about Information Security, Hacking, and Penetration Testing, is not aware of such vulnerability which is a 0-day vulnerability last year.

timthumbexploit

Pinoyblackhat.com is a personal blog of Lester Mariano a.k.a Dukhang Hacker or Greyhat Ethical Hacker has just restored his page now. Looks like the deface pages about him are true. LoL

Owh… and for readers out there, this article should help you patch your website’s vulnerability if you have timthumb.php in your blog.

3 Comments

Leave a Reply