Vladimir Smitka

In the previous part of this series, I repeatedly mentioned that users should not have access to PHP-FPM sockets, not even their own. The main reason is that direct communication with the PHP-FPM socket can influence PHP settings and bypass various restrictions. For example, it can bypass open_basedir limitations or enable system functions that are…

In my previous article, I demonstrated how I managed to attack a Docker container due to a publicly accessible PHP-FPM socket on a TCP port. However, in traditional (non-containerized) infrastructure, Unix sockets are more commonly used. These sockets behave similarly to regular files with various permissions. The permissions of these Unix sockets are absolutely critical,…

In the teaser article, I discussed my research on various CloudPanels, where I attempted to bypass the isolation of individual sites and to make unauthorized modifications. Following the teaser’s release, many users were surprised to learn that this issue also occurred with providers using Docker, who often claim their service is completely secure thanks to…

Proper site isolation is crucial for web hosting security, but my investigation revealed alarming weaknesses in popular providers’ isolation mechanisms. By exploiting misconfigurations, I easily bypassed barriers between sites, accessed sensitive data, and even compromised entire hosting infrastructures within minutes.

Looking beyond basic tips, here are 13 extra measures based on years of experience to fortify your WordPress security.

In the context of the recent surge in attention towards a critical Remote Code Execution (RCE) flaw in Brick Builder, I want to shed light on a less-known issue I discovered and reported two years ago. This flaw, which has been quietly addressed in versions around 1.6, affects not only Brick Builder but also other…

Last week we witnessed a critical vulnerability in the WordPress visual builder Bricks: https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6. In this article I will describe how the attack happened, add a bit of theory for those who are not so tech-savvy, add procedures for cleaning up the site and tips for preventing future attacks. What happened? Due to the severity…

“The Famous WordPress 5-Minute Install” was great. Unfortunately, today it can cause serious security problems. The typical scenario is to upload core files to your host, open the installer, and it is done in a few minutes. During these few minutes is your installer publicly available to everyone. If the attacker is speedy enough, he…