Project Description

The aim of this project is to build a tool that can dynamically probe a WordPress installation running within a container and detect probable security vulnerabilities.

The tool is inspired by the wpgarlic proof-of-concept article and basically tries to create bogus requests and find out where these requests end up producing unexpected output, rather than only performing a static analysis on the code.

It will first understand how the plugin behaves and what data it accesses, such as from the GET and POST parameters. Then, the tool will inject itself into the core and plugin’s functions to intercept and retrieve data, create actions, send requests, and stress the plugin in the hopes of detecting unescaped output or leaking internal data.

Hackathon Goals

The main goal for the Hackathon is to create a powerful fuzzer with the following characteristics:

• It doesn’t rely at all on entropy/randomness and provides fixed results throughout scans with better rules in order to lower the false positives;
• It has a modular system to add new scans and rules easily;
• It injects itself into methods and classes during runtime without editing the source code;
• It tries to find and display the vulnerability source.

Target Audience

Backend Developers, Security Researchers