[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Blackhole for Bad Bots WordPress Plugin 2.5 - Detection Bypass

To: Fulldisclosure <fulldisclosure@xxxxxxxxxxxx>
Subject: [FD] Blackhole for Bad Bots WordPress Plugin 2.5 - Detection Bypass
From: <gionreale@xxxxxxxxxxxx>
Date: Sun, 19 May 2019 12:07:34 +0200 (CEST)

Blackhole for Bad Bots protects your site against bad bots, spammers, scrapers, 
scanners, and other automated threats.

Version 2.5 fails to avoid fingerprinting by including predictable data within 
the "blackhole_trigger" . Giving attackers the ability to detect and avoid this 
system.


Discovered by Gionathan Armando Reale

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: [FD] Epic Web Honeypot 2.0a - Fingerprinting Vulnerability
Next by Date: [FD] Emerson Network Power Cross Site Scripting(XSS) Vulnerability
Previous by thread: [FD] Epic Web Honeypot 2.0a - Fingerprinting Vulnerability
Next by thread: [FD] Emerson Network Power Cross Site Scripting(XSS) Vulnerability
Index(es):
- Date
- Thread