Posto një konkurs

build a zip bomb plugin for wordpress

Statusi: Closed
Çmimi: $110
Kandidaturat e marra: 4
Fituesi: JakeValladares

Winner

Përmbledhja e konkursit

Create a plugin for wordpress that breaks WPScan with a zip bomb such as in this article
https://www.sitepoint.com/how-to-defend-your-website-with-zip-bombs/
https://tools.kali.org/web-applications/wpscan

The project will be considered a success after a code audit when a screen recording showing WPscan failing on a website with your plugin is installed.

I will retain the rights and source code to the plugin after development.

The plugin should be packaged as a reusable plugin.

Aftësi të rekomanduara

Winner

Posto një konkurs si ky

Vlerёsimi i punёdhёnёsit

“@JakeValladares won the contest on 17 September 2019”

lihanyu1, United States.

Punimet mё tё mira nga ky konkurs

JakeValladares Spain

1
sharminzaman3010 Bangladesh

0
pdeb85 India

2
shahalaanjum India

0

Shiko mё shumё vepra

Këndi publik i sqarimeve

pdeb85
- 4 vite më parë
Hello, I have a question. How do you intend to make the GZIP payload file available through reusable packaging? Thanks, Pratyush
- 4 vite më parë
nitinktg
- 4 vite më parë
It is quite impossible to do what you are asking. I did an analysis and below are the findings (to aid other developers as well):

WPScan has a database of plugins to check for in the scan. And the scan does only a HEAD request on the files in the database. EG: /wp-content/plugins/classic-editor/robots.txt. If you want to package it as a reuseable plugin, wpscan first has to know that there is a plugin like that. Even if you manage to spoof a file in an existing plugin and install it manually, it will never get processed as a zipfile as it does only a HEAD request. The ideal way would be to collaborate with WPScan to add this as a feature.
- 4 vite më parë