Security Basics mailing list archives

Possible attack flow for a Windows 7 running WebMatrix serving Wordpress


From: "Jed R. Mallen" <jedmallen () gmail com>
Date: Fri, 15 Jul 2011 15:33:02 +0800

Hi guys,

Our team is tasked to do a security analysis of a local Windows 7
machine running WebMatrix and a Wordpress blog running on it.

We are not really a security team (we're part of the dev group) but we
were chosen at random and tasked to come up with a list of possible
vulnerabilities for this machine setup.

I'm thinking we should break down the attack process to basically 3:

1. Windows 7
- open ports
- available services

2. WebMatrix

3. Wordpress
- XSS
- SQL attacks

Also we are not allowed to down the machine (DDoS). Just an admin
prompt would be enough (and maybe leave a flag or something, we
haven't decided yet).

Questions are:
1. How should we start the flow of the attack?
2. What security sources should we check for a list of known
vulnerabilities and payloads?
3. Any specific app (win32 or *nix based) that can be used (e.g., nmap, etc.)?

We've done a websecurify (via BackTrack 5.0) run on the site but it
downed the MySQL server.

Any help would be greatly appreciated!

All the best,

/Jed

-- 
Jed R. Mallen | GPG key ID: 81E575A3 fp: 4E1E CBA5 7E6A 2F8B 8756
660A E54C 39D6 81E5 75A3 | http://jedmallen.com
