Forum Replies Created

Viewing 8 replies - 1 through 8 (of 8 total)
  • Thread Starter caracasa

    (@caracasa)

    ABC is just a placeholder.

    In sidebar-standard.php and sidebar-profile.php are the correct names of the registered sidebars.

    My fault.

    Thread Starter caracasa

    (@caracasa)

    I switched to Twenty Ten, played with the widgets and went back to my theme.

    • Switching the Theme resets every ever added widget to the inactive pane. It listed the lost widgets of all my former attempts.
    • Using Twenty Ten everything works fine.

    Disabling all plugins changed nothing, but exposed some plugin-function-calls without a working fallback. Thanks for that.

    But the problem still exists and is specific to my own theme.

    widget-section in functions.php

    add_action( 'widgets_init', 'caracasa_theme_widgets_init' );
    
    [...]
    
    if ( ! function_exists( 'caracasa_theme_widgets_init' ) ):
    function caracasa_theme_widgets_init() {
    
    	register_sidebar( array(
    		'name' => 'profile',
    		'id' => 'Sidebar-Profile',
    		'description' => 'Profile',
    		'before_widget' => '<div class="MenuBox">',
    		'after_widget' => '</div>',
    		'before_title' => '<div class="MenuTitle">',
    		'after_title' => '</div>',
    	) );  
    
    	register_sidebar(array(
    		'name' => 'standard',
    		'id' => 'Sidebar-Standard',
    		'description' => 'Sidebar',
    		'before_widget' => '<div class="MenuBox">',
    		'after_widget' => '</div>',
    		'before_title' => '<div class="MenuTitle">',
    		'after_title' => '</div>',
    	));
    }
    endif;

    Somewhere in my header.php:

    <?php get_sidebar('profile'); ?>
    		<?php get_sidebar('standard'); ?>

    And my sidebar-ABC.php

    <?php if ( !function_exists('dynamic_sidebar') || !dynamic_sidebar('ABC') ) : ?>
    <?php endif; ?>

    Is there something wrong with these lines?

    Thread Starter caracasa

    (@caracasa)

    It is even worse:

    find ./ -iname "*.php" | xargs grep -H -n "eval(base64_decode"

    Output:

    ./htdocs/ucara/wp-admin/edit-form-advanced.php:6:eval(base64_decode("$d"));
    ./htdocs/ucara/wp-admin/includes/users.php:6:eval(base64_decode("$d"));
    ./htdocs/ucara/wp-admin/includes/class-wp-filesystem-check.php:3:eval(base64_decode("$dd"));
    ./htdocs/ucara/wp-content/themes/classic/archive.php:3:eval(base64_decode("$dd"));
    ./htdocs/ucara/wp-includes/images/crystal/license.php:3:eval(base64_decode("$dd"));
    ./htdocs/ucara/wp-includes/common.php:3:eval(base64_decode("$dd"));
    ./htdocs/ucara/wp-includes/wp-vars.php:6:eval(base64_decode("$d"));
    ./htdocs/ucara/wp-includes/class-read.php:6:eval(base64_decode("$d"));

    I changed my PHP and MySQL version and overwrote the whole WP-Installation.
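
A hardened form of the search in the post above, as an added example that is not part of the original thread: it handles file names with spaces, tolerates whitespace and case changes in the call, and also flags files holding a very long base64 run. The function names, the 200-character threshold and the sample tree are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example (not from the thread). Flags PHP files that carry the loader
# seen in the grep output, plus files holding a very long base64 run (the
# "huge variables" the loader decodes). Assumes find/xargs with -print0/-0/-r.

# list_php DIR: NUL-separated list of PHP-like files, safe for odd file names.
list_php() {
    find "$1" -type f \( -iname '*.php' -o -iname '*.phtml' -o -iname '*.inc' \) -print0
}

# scan_loaders DIR: print "reason: file" per finding; status 0 if any, else 1.
scan_loaders() {
    hits=$(
        # Whitespace- and case-tolerant form of eval(base64_decode(
        list_php "$1" | xargs -0 -r grep -l -i -E \
            'eval[[:space:]]*\([[:space:]]*base64_decode[[:space:]]*\(' |
            sed 's/^/eval-base64: /'
        # 200+ unbroken base64 characters is rare in hand-written PHP.
        list_php "$1" | xargs -0 -r grep -l -E '[A-Za-z0-9+/]{200,}' |
            sed 's/^/long-base64: /'
    )
    [ -n "$hits" ] || return 1
    printf '%s\n' "$hits" | sort
}

# make_sample DIR: constructed tree; the inert payload decodes to "echo 1;".
make_sample() {
    mkdir -p "$1/wp-includes" "$1/wp-admin"
    printf '<?php echo "clean"; ?>\n' > "$1/index.php"
    printf '<?php $d="ZWNobyAxOw=="; eval(base64_decode("$d")); ?>\n' \
        > "$1/wp-includes/wp-vars.php"
    printf '<?php EVAL ( Base64_Decode ($x) ); ?>\n' > "$1/wp-admin/my file.php"
    awk 'BEGIN { printf "<?php $dd=\""; for (i = 0; i < 300; i++) printf "QUJD"; print "\"; ?>" }' \
        > "$1/wp-includes/common.php"
}

# Demo on the constructed tree: three findings, index.php stays unlisted.
d=$(mktemp -d)
make_sample "$d"
scan_loaders "$d"
rm -rf "$d"
```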

    Thread Starter caracasa

    (@caracasa)

    Archive with the files mentioned above:
    https://www.caracasa.de/files/hacked_files.tar.bz2

    /edit-form-advanced.php
    /includes/class-wp-filesystem-check.php
    /includes/users.php

    Any ideas what to do next?

    Thread Starter caracasa

    (@caracasa)

    Oh no, hacked!

    This was encoded in class-wp-filesystem-check.php:

    $ar_access_ip[1] = array("17.39.39.43", "36.83.83.844", "10.10.844.51", "23.1405.93.19", "714.10.898.7", "10.25.83.7", "10.19.714.83", "425.17.23.51", "51.152.43.4", "425.425.898.39", "15.39");
    /*****************************************************************************
    
    
    Codz by angel(4ngel)
    
    Make in China
    
    Web: https://www.4ngel.net

    Shit.

    Thread Starter caracasa

    (@caracasa)

    The content of the base64 encoded variables is full of cryptic variable/function names and other base64 encoded stuff.

    Here is the whole diff:

    https://nopaste.info/bdd40c2751.html

    Please tell me that is something harmless.

    Thread Starter caracasa

    (@caracasa)

    It happened again and I have a snapshot of the wp-admin directory before and after the error:

    Output of du:

    3364	./wp-admin-old
    3380	./wp-admin-error

    These files have changed (I misused a local git-repository to check this):

    /edit-form-advanced.php
    /includes/class-wp-filesystem-check.php
    /includes/users.php

    What I see are huge variables that are used in eval(base64_decode("$d"));

    I will first review the content of the variable myself and then post the result of git diff.

    I have a bad feeling.

    Thread Starter caracasa

    (@caracasa)

    Okay, I fixed it by manually overwriting the wp-admin directory (ftp) – something I should have tried before asking for help here.

    I always autoupdate my installation in the backend and have not changed a bit since my last post, I swear. Very strange.

    I will change all passwords and keep an eye on the file-hashes.

    Solved. Thx.
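
One way to do the before/after comparison and the file-hash monitoring mentioned in these posts, as an added example that is not part of the original thread. The function names and the demo tree are constructed for illustration; GNU `sha256sum` is assumed.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU coreutils sha256sum and
# find/xargs with -print0/-0/-r. Keep the baseline file outside the web root.

# snapshot DIR: print "sha256  ./relative/path" for every file under DIR.
snapshot() {
    ( cd "$1" && find . -type f -print0 | xargs -0 -r sha256sum )
}

# compare OLD NEW: print "added|modified|removed PATH" per difference.
# Returns 0 when something changed, 1 when the two snapshots agree.
compare() {
    out=$(awk '
        # sha256sum lines are 64 hex digits, two separator chars, then the path.
        FILENAME == ARGV[1] { old[substr($0, 67)] = $1; next }
        { p = substr($0, 67); seen[p] = 1
          if (!(p in old)) print "added " p
          else if (old[p] != $1) print "modified " p }
        END { for (p in old) if (!(p in seen)) print "removed " p }
    ' "$1" "$2" | sort)
    [ -n "$out" ] || return 1
    printf '%s\n' "$out"
}

# Constructed demo tree; the file names are taken from the thread.
demo() {
    w=$(mktemp -d) && mkdir -p "$w/site/wp-admin/includes"
    echo '<?php // users' > "$w/site/wp-admin/includes/users.php"
    echo 'readme' > "$w/site/readme.html"
    snapshot "$w/site" > "$w/base.sha256"
    echo '<?php // users, altered' > "$w/site/wp-admin/includes/users.php"
    echo '<?php // new file' > "$w/site/wp-admin/includes/class-wp-filesystem-check.php"
    rm "$w/site/readme.html"
    snapshot "$w/site" > "$w/now.sha256"
    compare "$w/base.sha256" "$w/now.sha256"; rc=$?
    rm -rf "$w"; return "$rc"
}
demo
```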
