Infected with adminer.php

  • Resolved mross55

    (@mross55)


    8 years, 2 months ago

    Here is an infection on site. What’s the best way to deal with it – should I just delete the file from admin?

    File appears to be malicious: adminer.php

    Filename: adminer.php
    File type: Not a core, theme or plugin file.
    Issue first detected: 3 mins ago.
    Severity: Critical
    Status New

    This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: “if($_GET[“file”]==”favicon.ico”){header(“Content-Type: image/x-icon”);echo lzw_decompress(“. The infection type is: G311 – obuscated code

    Thanks

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter mross55

    (@mross55)

    I think this is a incorrectly categorised as an infection. Adminer, from what I’ve researched is not a critical issue – but ofcourse I could be wrong!

    “Adminer (formerly phpMinAdmin) is a full-featured database management tool written in PHP. Conversely to phpMyAdmin, it consist of a single file ready to deploy to the target server. It is available for MySQL, PostgreSQL, SQLite, MS SQL, Oracle, Firebird, SimpleDB, Elasticsearch and MongoDB.”

    In any case, it was easy to delete via ftp.

    • This reply was modified 8 years, 2 months ago by mross55.

    Agreed … that line of code (being as though it’s on one line), was probably added by some other plugin, theme, or person that was able to exploit your site. You should absolutely verify other plugins or your site has not been infected … i see this a lot where malware will add code to other files to reproduce itself and make it try and look legit

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Infected with adminer.php’ is closed to new replies.