Dream slot app.Makakuha ng libreng 700pho sa bawat deposito

Resolved grungepuppy
(@grungepuppy)

14 years, 6 months ago

posting on behalf of a friend of mine who recently had some suspicious returns on the google analytics.

upon viewing the source of her site, i found a huge list of hidden links.

i searched this forum for similar problems and answers and found some good info, but i’m still unsure as to why and how this happened.

she’s running the latest version. to help her out i ran exploit scanner. the results showed several entries related to the plugins ‘sociables’ and ‘nextgen gallery’ as well as the theme ‘fresh’. it seems to point to various bits in jquery and js files.

so… what should i about those specific items? i plan on sanitizing her directory, start with a new install, hand comb her database entries for dubious content, and change all passwords, but what of those things? should i not have her use nextgen and sociables plugins? or use that theme?

Viewing 4 replies - 1 through 4 (of 4 total)

Moderator James Huff
(@macmanx)

14 years, 6 months ago

More than likely the code was injected into the files. This can be done a variety of ways and usually is the result of insecure file permissions (files should be set to 644) or a poorly secured shared hosting provider. Just carefully follow this guide and all should be well:

https://codex.www.ads-software.com/FAQ_My_site_was_hacked

Daniel Cid
(@ddsucurinet)

14 years, 6 months ago

This attack seems to be getting a lot of sites using old versions of WordPress. And even if she is updated right now, she might have been infected before…
Some details:
https://blog.sucuri.net/2010/05/it-is-not-over-seo-spam-on-sites.html
https://blog.sucuri.net/2010/05/seo-spam-network-details-of-wp-includes.html
https://blog.sucuri.net/2010/05/seo-spam-network-code-used-and-more.html

Mark Ratledge
(@songdogtech)

14 years, 6 months ago

How to completely clean your hacked wordpress installation

Thread Starter grungepuppy
(@grungepuppy)

14 years, 6 months ago

hmmm… interesting.

i was all set to post about my failed attempt, but then i realized i didn’t switch out the INDEX.PHP file the site’s root (we have the site point to site.com and the wordpress stuff in site.com/wp)

within that file was aaaaaaaaaaaaall the hidden links that were showing up in the viewsource. i am still unsure what caused it in the first place, so i’ll be keeping my eyes peeled. i started her off with a fresh install and reinstalled some plugins.

thanks for the help fellas!

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Site hacked and Q’s about Exploit Scan results’ is closed to new replies.

Site hacked and Q’s about Exploit Scan results

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics