Hacker diagnosis

  • Resolved goldeneagle

    (@goldeneagle)


    17 years, 10 months ago

    Hi
    My site has been hacked by some Iranian hackers. Clicking on any of the category archives or calendar archives gives me this message:

    [In The Name Of Allah]

    We Are: Fireman , Mohajem.Secret , Samir , Jaber , dj7xpl , Kouros , MAZHAR_F@S}{IST

    Mohajem UnderGround Team
    —————————————–
    Don’t worry admin , all of data are safe
    —————————————–
    Iranian Are The Best Hackers In The World Of 0 & 1
    —————————————–
    Special tanx : All Iranian Security Teams

    Mohajem UnderGround Team
    https://wWw.Mohajem.Net_

    Any ideas about how they did this, and how to fix it? First up, the .htaccess file seems to be untouched.
    Thanks
    Philip
    https://www.londonkoreanlinks.net

Viewing 4 replies - 1 through 4 (of 4 total)

  • Have you checked yout theme’s category.php and/or archive.php file for this? If you’re only seeing it when you pull up the archives, that would be my first guess.

    Thread Starter goldeneagle

    (@goldeneagle)

    Thanks drmike
    I isolated the problem as being somewhere in the theme’s templates, as you correctly identified. So I’ve now overwritten them with my back-up copy and the problem’s fixed. I’ve saved copies of the hacked theme so I can work out what they did, and am in touch with my webhost to figure out how they did it.
    Now all I’ve got to do is fix all the bugs caused by my upgrade to WordPress 2.1 ??
    Thanks for your help.
    Philip

    What version were you using, and which theme?

    Thread Starter goldeneagle

    (@goldeneagle)

    It wasn’t a WP problem. It was my total innocence in relation to access rights on a shared webhosting package. This was a free lesson for me!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Hacker diagnosis’ is closed to new replies.