Hacker News new | ask | show | jobs
by yeukhon 4548 days ago
Here is the screenshot of the blog hacked. http://imgur.com/RGeTFWV

So it looks like Skype doesn't host on its own server. It looks like this is wordpress.com but with custom domain?

curl http://blogs.skype.com -v

< X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.

EDIT Okay it is

New to wpscan. When it says plugins found are these the vulnerable plugins wordpress.com running?

https://gist.github.com/yeukhon/8211580

And I found the username 7 pretty interesting.... wonder if I am actually doing the ethical thing here :(
1 comments
xsNzgw8 4548 days ago
You will find those usernames whenever you scan wordpress.com with wpscan.
link
yeukhon 4548 days ago
Wow you are right about that.

just did it on another blog.wordpress.com. How come? On Skype's blog I can access /author/7 or /author/ian but I can't do it on another blog, I get "Oops".

link
xsNzgw8 4548 days ago
I think they are trying ?author=1, ?author=2, etc
link