cache76.php file inside inc folder

Viewing 9 replies - 1 through 9 (of 9 total)

  • Hi Susa38,

    That sounds questionable. I did a simple default install, brought the files over via SFTP and found nothing like what you describe.

    I found the following:

    class-custom-sidebars-editor.php
    class-custom-sidebars-explain.php
    class-custom-sidebars-replacer.php
    class-custom-sidebars-widgets.php
    class-custom-sidebars.php

    I created a simple sidebar and brought the files over a second time and found no change.

    That might warrant some digging.

    Best of luck,

    Mike

    Thread Starter Susa38

    (@susa38)

    Thanks a lot Mike. I do not know if you are member of the developer team of the plugin so I would like to corroborate this question.
    I know that this file is not normal on new installs.
    I would like to know if it’s an old version file or some file that now is not in use but was installed by the plugin or not.

    Please, Could some member of the developer team comment something about this file?

    Hey there Susa38,

    Hope you’re well today!

    This is definitely not a part of the plugin in the current version of it. I don’t recall having such file before as well but I’ll have to consult our plugin developer on this one just to make sure this wasn’t a part of some old versions.

    It would also help if you could paste the code from that file so we can check it out. If there is just a few lines you can paste it here, otherwise please use https://pastebin.com/ and paste the link where we can see this.

    Looking forward for your response ??

    Best regards,
    Bojan

    Thread Starter Susa38

    (@susa38)

    I have revised the backups of my site and there is not this file in older versions. In 20 may 2015 someone insert this inside. I suposse a hacker but I’m not sure if it’s possible the system plugin made it. I think not propably by your words.
    I do not know if it was inserted by a plugin hole or by other raison

    I can sendto you the code but I would like to send to you in private because i do not understand the code and I do not know if it has some private information of my wordpress configuration.

    Is it possible that I paste the code in pastebin.com in private mode and send to you an email with the password to see the code?

    thanks

    Hey again Susa38,

    Such files shouldn’t have any sensitive data but I can’t say that for sure so it is actually a good idea to send it to us privately. Also this doesn’t mean that the hole is within Custom Sidebars plugin just because the file is placed there.

    You can use our contact form here https://premium.wpmudev.org/contact/ using this template:

    Subject: “Attn: Bojan”
    -link back to this thread for reference
    -any other relevant urls

    Select “I have a different question” for your topic – this and the subject line ensure that it gets assigned to me ??

    Best regards,
    Bojan

    Thread Starter Susa38

    (@susa38)

    Thanks Bojan.
    I know that probably is not a hole from custom sidebars plugin. Only I comment this to help the developers of the plugin if it was the case.

    I have sended to you the information on your contact form

    thanks a lot

    Hey again Susa,

    Thanks for sending us code from the file, upon closer inspection this is definitely material for removing!

    It contains eval that allows you to execute php so this might be used to make a hole in your site which can be later used for something. You can find more info about eval here https://php.net/manual/en/function.eval.php.

    Please remove the file from your site.

    Best regards,
    Bojan

    Thread Starter Susa38

    (@susa38)

    Thanks a lot Bojan.

    Glad I could help ??

    Have a great day!

    Cheers,
    Bojan

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘cache76.php file inside inc folder’ is closed to new replies.

Tags