An Out-of-Date CMS is No Match for a Skilled Intruder

Web Attack

© Lead Image © peshkov, 123RF.com

© Lead Image © peshkov, 123RF.com

Article from Issue 304/2026
Author(s):

Scary things can happen if you don't keep your CMS up to date. We'll show you how an unpatched vulnerability can lead to privilege escalation and root access.

Pause for a moment and consider all the applications that are powering today's online services, and then step back to consider the attack surface that each one of them presents. In this article, I will look at how a security bug in an online application might allow an attacker to gain full access to the underlying Linux server running it. The prize, in this case, is that the attacker will acquire root access to the server.

The journey starts with a security bug in the application itself, which is an out-of-date version of the CMS Made Simple content management system (CMS). The bug allows an attacker, via a carefully crafted URL, to take advantage of a time-based SQL Injection (SQLi), which ultimately affects the database powering the application. The exploit doesn't even need a valid login.

The next step is to brute-force access to the underlying Linux system, via SSH, before then trying to achieve the final goal: becoming the superuser root, which allows an attacker to take over the system.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Credential Stuffing

    A credential stuffing cyberattack uses username and password credentials stolen in a data breach to gain access to your accounts. We explain how it works and how to prevent yourself from becoming a victim.

    more »
  • Attacking SSH

    Sometimes the only way to break into an SSH server is through brute force – and yes, there are tools for that.

    more »
  • Kernel Exploits

    This deep look at how intruders attack an out-of-date kernel should be enough to convince you of the need to stay vigilant.

    more »
  • Capture the Flag

    TryHackMe's Capture the Flag puzzles are a useful source for users who want to learn about ethical hacking and penetration testing.

    more »
  • Reverse Shells

    Firewalls block shell access from outside the network. But what if the shell is launched from the inside?

    more »
comments powered by Disqus