• Resolved justwander

    (@justwander)


    My live traffic log contained the following:

    http://www.sitename.com/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fwww.sitename.com%2F

    I looked at the page and found this:

    {"version":"1.0","provider_name":"MySiteName","provider_url":"http:\/\/www.MySiteName.com","title":"Home","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\"><a href=\"http:\/\/www.MySiteName.com\/\">Home<\/a><\/blockquote>\n<script type='text\/javascript'>\n<!--\/\/--><![CDATA[\/\/><!--\n\t\t!function(a,b){\"use strict\";function c(){if(!e){e=!0;var a,c,d,f,g=-1!==navigator.appVersion.indexOf(\"MSIE 10\"),h=!!navigator.userAgent.match(\/Trident.*rv:11\\.\/),i=b.querySelectorAll(\"iframe.wp-embedded-content\");for(c=0;c<i.length;c++){if(d=i[c],!d.getAttribute(\"data-secret\"))f=Math.random().toString(36).substr(2,10),d.src+=\"#?secret=\"+f,d.setAttribute(\"data-secret\",f);if(g||h)a=d.cloneNode(!0),a.removeAttribute(\"security\"),d.parentNode.replaceChild(a,d)}}}var d=!1,e=!1;if(b.querySelector)if(a.addEventListener)d=!0;if(a.wp=a.wp||{},!a.wp.receiveEmbedMessage)if(a.wp.receiveEmbedMessage=function(c){var d=c.data;if(d.secret||d.message||d.value)if(!\/[^a-zA-Z0-9]\/.test(d.secret)){var e,f,g,h,i,j=b.querySelectorAll('iframe[data-secret=\"'+d.secret+'\"]'),k=b.querySelectorAll('blockquote[data-secret=\"'+d.secret+'\"]');for(e=0;e<k.length;e++)k[e].style.display=\"none\";for(e=0;e<j.length;e++)if(f=j[e],c.source===f.contentWindow){if(f.removeAttribute(\"style\"),\"height\"===d.message){if(g=parseInt(d.value,10),g>1e3)g=1e3;else if(~~g<200)g=200;f.height=g}if(\"link\"===d.message)if(h=b.createElement(\"a\"),i=b.createElement(\"a\"),h.href=f.getAttribute(\"src\"),i.href=d.value,i.host===h.host)if(b.activeElement===f)a.top.location.href=d.value}else;}},d)a.addEventListener(\"message\",a.wp.receiveEmbedMessage,!1),b.addEventListener(\"DOMContentLoaded\",c,!1),a.addEventListener(\"load\",c,!1)}(window,document);\n\/\/--><!]]>\n<\/script><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"http:\/\/www.MySiteName.com\/embed\/\" width=\"600\" height=\"338\" title=\"“Home” — MySiteName\" frameborder=\"0\" marginwidth=\"0\" 
marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe>"}

    It seems as if someone found a way in to I don’t really know what.

    What can I do about this?

Viewing 3 replies - 1 through 3 (of 3 total)
  • If you don’t need embeds, which are another attack surface WordPress has gifted us with and I’m so incredibly thankful for (sarcasm), turn them OFF with a plugin. I use “Disable Embeds”, which works well. If you leave embeds enabled, all bets are off. MTN

    Thread Starter justwander

    (@justwander)

    @mountainguy2
    I’m not sure what you mean, not much of a geek brain.

    The first entry is a page someone tried to access.

    The second is where it led.

    From what you are saying, this is not a real page, just something to retrieve information.

    It all looks like so much gobbledygook to me. I am looking into “Disable Embeds” right now.

    Hi @justwander
    This code snippet you shared isn’t malicious; it’s related to the oEmbed function, which provides an easy way to embed content from one site to another. I suggest checking this tutorial to learn more about this function and a couple of options for disabling it, in case you decide to do so.

    Thanks.
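
What the logged request in the first post asks for, shown as an added example that is not part of the original thread: the sketch decodes an oEmbed request URL and reports whether its `url` parameter points back at the site that received the request. The function names and the extra sample URLs are constructed for illustration; only the first sample comes from the thread.

```python
from urllib.parse import urlsplit, parse_qs

OEMBED_PATH = "/wp-json/oembed/1.0/embed"  # route seen in the thread's log entry


def _host(hostname):
    """Normalise a hostname for comparison (case, leading 'www.')."""
    host = (hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def classify_oembed_request(request_url):
    """Return (label, embedded_target) for one logged request URL.

    Labels (hypothetical names chosen for this example):
      'not-oembed' - the request is for some other path
      'malformed'  - oEmbed route, but no single usable url= parameter
      'same-site'  - asks for embed data about a page on the same host
      'other-site' - url= names a different host than the one asked
    """
    parts = urlsplit(request_url)
    if parts.path.rstrip("/") != OEMBED_PATH:
        return ("not-oembed", None)
    # parse_qs percent-decodes values, so %3A%2F%2F becomes ://
    targets = parse_qs(parts.query).get("url", [])
    if len(targets) != 1:
        return ("malformed", None)
    target = urlsplit(targets[0])
    if target.scheme not in ("http", "https") or not target.hostname:
        return ("malformed", targets[0])
    if _host(target.hostname) == _host(parts.hostname):
        return ("same-site", targets[0])
    return ("other-site", targets[0])


if __name__ == "__main__":
    samples = [
        # From the first post in the thread
        "http://www.sitename.com/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fwww.sitename.com%2F",
        # Constructed samples for the other branches
        "http://www.sitename.com/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fother.example%2Fpost",
        "http://www.sitename.com/wp-json/oembed/1.0/embed",
        "http://www.sitename.com/wp-login.php",
    ]
    for line in samples:
        print(classify_oembed_request(line), line)
```

For the URL from the first post this reports `same-site` with the site's own home page as the target, which matches the "Home" title and `/embed/` iframe in the JSON that came back.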

The topic ‘json Attempt – What does it mean?’ is closed to new replies.