TimThumb Vulnerability is not a 0-day vulnerability anymore but there are still vulnerable Wordpress blogs today that are vulnerable to Remote Code Execution which is very risky.

Why this vulnerability is very risky and dangerous? Because it allows hackers to upload a backdoor in your website or deface your website. In fact, the self-proclaimed world’s no.1 hacker Gregory Evan’s blog was pawned with this kind of exploit. But we will not talk about Evan’s issue here whose name is flagged in Security Errata, our main topic is how to secure your TimThumb script if you have  a Wordpress blog that has timthumb.php.

How To Fix and Secure it:

$ALLOWED_SITES = array (        

                                  'flickr.com',         

                                  'picasa.com',         

                                  'img.youtube.com',         

                                  'upload.wikimedia.org',         

                                  'photobucket.com',         

                                  'imgur.com',         

                                  'imageshack.us',         

                                  'tinypic.com',     

                  );

3. Rename the TimThumb script and put some .htacess configuration or file on your sensitive folders just like how you secure an admin page.

4. Install security plugins.

5. Owh and make sure that the script have ALLOW_EXTERNAL line code set to false.

define ('ALLOW_EXTERNAL', FALSE);

You should update your blog or else you could end up like this:

About the Contributor:

ROOTCON is managed by like minded InfoSec professionals across the Philippines.  All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.