eclarian

Forum Replies Created

Viewing 2 replies - 1 through 2 (of 2 total)

  • The php.ini file is in the root of your account folder ABOVE public_html.

    So the folder structure would be like this:

    ../php.ini
    ../public_html/index.php
    ../public_html/wp-admin/js/config.php
    ../public_html/wp-admin/common.php
    ../public_html/wp-admin/udp.php
    ../public_html/wp-content/udp.php
    ../public_html/wp-content/uploads/feed-file.php
    ../public_html/wp-content/uploads/feed-files.php

    REMEMBER TO FIX YOUR INDEX FILE. It loads an external script which writes an iframe inside your site.

    CHECK YOUR PHP.INI FILE AS WELL!!!! It enables remote debugging! Make sure to clear out your php.ini file.

    Also make sure you change ALL your passwords. It has a MD5 Cracking Script that cracks your current passwords.

    This script embeds an iframe within your site from another site “https://global-traff.com” and this could possibly hijack any other current sessions that your browser has open (such as to Facebook, Twitter, etc.)

    Clear your cookies and change the passwords for everything you have and especially those things that were currently open at the time that this occurred.

    ALSO NOTE: This may be a vulnerability within WordPress itself because we did not have the plugin mentioned above.

Viewing 2 replies - 1 through 2 (of 2 total)