Co-Founder of Mozilla Project

ck — Thu, 28 Feb 2008 19:46:07 +0000

Blake Ross WordPress blog is being run by wordpress.net.in goro spam injection.

Who's Blake Ross

Blake Aaron Ross is a software developer who is known for his work on the Mozilla web browser; in particular, he started the Mozilla Firefox project with Dave Hyatt, as well as the Spread Firefox project with Asa Dotzler while working as a contractor at the Mozilla Foundation.In 2005, he was nominated for Wired magazine’s top Rave Award, Renegade of the Year, opposite Larry Page, Sergey Brin and Jon Stewart. He was also a part of Rolling Stone magazine’s 2005 hot list.

Image Source, The cover for issue #13.02 (the February 2005 edition) of Wired magazine featuring Blake Ross holding a Firefox globe as part of the lead article, The Firefox Explosion, about the browser’s development history.

HTML Source & ScreenGrab

WordPress Vulnerability

Outdated WordPress
- WordPress 2.0.4 Exploit & Vulnerability
  - Blake’s is running on WordPress 2.0.4 first release on Jul 29th, 2006.
  - wp-db-backup.php directory traversal Rev.4226
  - Mark Jaquith on WordPress 2.0.5 Changelog
- µ Proxy Cached: blakeross.com WordPress Version (feed)

WordPress Core Directory & Plugins Informations Leak

View blakeross.com WordPress Core Directory Listing

Index of /wp-includes

 Name Last modified Size Description

[DIR] Parent Directory 25-Dec-2006 01:14 -
[ ] cache.php 03-Sep-2006 23:52 11k
[ ] capabilities.php 03-Sep-2006 23:52 11k
[ ] class-IXR.php 03-Sep-2006 23:52 27k
[ ] class-pop3.php 03-Sep-2006 23:52 21k
[ ] class-snoopy.php 03-Sep-2006 23:52 37k
[ ] classes.php 03-Sep-2006 23:52 51k
[ ] comment-functions.php 03-Sep-2006 23:52 31k
[ ] default-filters.php 03-Sep-2006 23:52 5k
[ ] feed-functions.php 03-Sep-2006 23:52 4k
[ ] functions-compat.php 03-Sep-2006 23:52 3k
[ ] functions-formatting..> 03-Sep-2006 23:53 34k
[ ] functions-post.php 03-Sep-2006 23:53 30k
[ ] functions.php 03-Sep-2006 23:53 71k
[ ] gettext.php 03-Sep-2006 23:53 11k
[DIR] images/ 03-Sep-2006 23:50 -
[DIR] js/ 03-Sep-2006 23:55 -
[ ] kses.php 03-Sep-2006 23:55 22k
[ ] links.php 03-Sep-2006 23:55 20k
[ ] locale.php 03-Sep-2006 23:55 3k
[ ] pluggable-functions.php 03-Sep-2006 23:55 17k
[ ] registration-functio..> 03-Sep-2006 23:55 4k
[ ] rss-functions.php 03-Sep-2006 23:55 21k
[ ] streams.php 03-Sep-2006 23:55 4k
[ ] template-functions-a..> 03-Sep-2006 23:55 5k
[ ] template-functions-c..> 03-Sep-2006 23:56 13k
[ ] template-functions-g..> 03-Sep-2006 23:56 21k
[ ] template-functions-l..> 03-Sep-2006 23:56 15k
[ ] template-functions-p..> 03-Sep-2006 23:56 15k
[ ] template-loader.php 03-Sep-2006 23:56 2k
[ ] vars.php 03-Sep-2006 23:56 3k
[ ] version.php 03-Sep-2006 23:56 1k
[ ] wp-db.php 03-Sep-2006 23:56 10k
[ ] wp-l10n.php 03-Sep-2006 23:56 2k 

Apache/1.3.39 Server at blakeross.com Port 80

µ Proxy Cached: http://blakeross.com/wp-includes/

View blakeross.com WordPress Plugins Directory Listing

Index of /wp-content/plugins

 Name Last modified Size Description

[DIR] Parent Directory 27-Sep-2006 22:27 -
[DIR] akismet/ 03-Sep-2006 23:52 -
[ ] hello.php 03-Sep-2006 23:52 2k
[ ] wp-db-backup.php 03-Sep-2006 23:52 30k 

Apache/1.3.39 Server at blakeross.com Port 80

µ Proxy Cached: http://blakeross.com/wp-content/plugins

Hardening Wordpress?

There is 105,000 WordPress blogs leaking their plugins informations for BotNet to scan.

Blackhat SEO targeting High PR WordPress Blog

Blake Ross is not alone, there is similar Spamride cases for the past few months. Below is are few “High PR WordPress Blogs” with similar issues.

Others Popular Victim

Al Gore’s Blog
Bluehost Hostmonster CEO’s Blog
blog.indeed.com
thinkingphp.org
floaridablog.org

Kaizeku Ban » Owned