Hidden Super Admin

  • Resolved Blogurp

    (@blogurp)


    11 years, 2 months ago

    Someone has asked me to help them with a problem and I cannot find any current solution to the problem, only old solutions for outdated WP versions. There is a hidden extra super admin in their install, presumably in the database. Anyone know how to get rid of it?

    They noticed that the real super admin made a bunch of spam posts and also noticed that there were a bunch of accounts constantly uploading posts. They managed to upload over 50,000 posts in a couple days, all amazon.com affiliate blog posts. There were also a bunch of ebook download posts that were all being posted directly from 127.0.0.1. They figured out who these people were and got rid of them, but the extra super admin still remains.

    The original super admin account has issues. Sometimes it cannot view the front end of the install when coming from the dashboard and cannot view certain sections inside the dashboard that let the super admin see live traffic; however, when original super admin switches to a backup super admin, everything works fine, and that is not logging out and bringing up a new browser, that is switching within the same session.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Advisor and Activist

    11 years, 2 months ago

    There is a hidden extra super admin in their install, presumably in the database. Anyone know how to get rid of it?

    look in the wp_sitemeta table for the site admins field. you’ll see a value like this:

    a:1:{i:0;s:6:"andrea";}

    If you have more than one person, there’s your problem. Change it to

    a:1:{i:0;s:7:"Blogurp";}

    NOTE: s:7 is a string length. If the user ID was foobarbazbot, then it’d be s:12 instead. Also it’s case sensitive.

    Thread Starter Blogurp

    (@blogurp)

    11 years, 2 months ago

    Thanks, that worked. I had to clean up the overhead on the database to get the site working right and then when I got to sitemeta table I was able to see the hidden super admin. It was not one that was injected maliciously. It was one they made themselves without sending an activation link, then they granted super admin to it, then they must have removed super admin privileges or something, I am not quite sure how that happened, but that user was listed as super admin in the database, but had no super admin privileges listed on the site itself, so, it was hidden from dashboard view somehow.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Hidden Super Admin’ is closed to new replies.