Forums

WordPress › Support » Plugins and Hacks

Definitive post/answer/rule on WP containing eval() & base64_decode() functions? (4 posts)

  1. kaidez
    Member
    Posted 11 months ago #

    Hello all. I've been focusing more and more on security and have been using Exploit Scanner to help me. When I ran ES, it listed a whole bunch of files that contained both eval() and base64_decode() functions, which can be bad.

    I searched through the WP Forums and found this past post on the subject. It seems to say that the fact that these functions exist in your WP install does necessarily mean that they're malicious but I'm wondering if there's any more definitive discussion on the subject somewhere?

    One thing's for certain: I see the value in using as few plugins as possible in any future WP installations...quality not quantity.

  2. Rev. Voodoo
    Volunteer Moderator
    Posted 11 months ago #

    Have you decoded any of that stuff to see what's going on?

  3. kaidez
    Member
    Posted 11 months ago #

    Hi Rev. Voodoo...thanx for responding!

    In truth, I haven't. Will a tool like this be ok?

  4. Rev. Voodoo
    Volunteer Moderator
    Posted 10 months ago #

    I would think any decoder will work

    http://wordpress.org/support/topic/how-to-decrypt-an-encoded-theme?replies=3

    Here's some good info

    I'm always very suspicious of the encoded stuff. Won't touch it with a pole normally

Reply

You must log in to post.

About this Topic

Tags