Forums

WordPress › Support » How-To and Troubleshooting

SQL injection/wordpress hacked (3 posts)

  1. tyrspawn
    Member
    Posted 12 months ago #

    In the middle of the night I noticed that my website was re-directing to somewhere, although it never loaded any other pages, it would just stall indefinitely. I found this injected into my index.php:

    http://pastebin.com/e9mXJZRh

    Removing the injection fixes my website, but it seems to return every night at around 3 AM eastern. I would love some help tracking it down. I tried to search for parts of that in phpmyadmin, but I have never dealt with anything like this before and don't really know what to search for, or what to do. Please help.

    Oh and I know plugins might be related to this. I am/was running:

    Akismet
    Twitter Tools 2.4
    WordPress Database Backup

    The wordpress database backup randomly stopped working awhile back, so something might be broken with it. Regardless, I disabled that plugin now. I doubt Akismet or Twitter Tools are causing a problem, but i'm open to your ideas.

  2. keesiemeijer
    moderator
    Posted 12 months ago #

    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

  3. tyrspawn
    Member
    Posted 12 months ago #

    I changed my wordpress login/password, sql password and admin password for my website. Today I found a new injection, my DB is apparently still compromised (I assume it's my DB at least).

    http://pastebin.com/Qs066QGJ

    Some more details:

    The injection is a re-direct which keeps attempting to re-direct to BRUTERGASED.INFO

    The injection is a trojan, redirme-inf. That's what avast anti virus is picking up. I would appreciate help...

    I deleted the store of all my spam comments, so I don't think its hiding in a comment somewhere. I'm not sure where else it would, or what to search for. I have phpmyadmin and can do search queries, but have no idea what it would look like. I tried searching for eval and lave as per one of those thinks, and some other keywords, but was unable to find anything .

Reply

You must log in to post.

About this Topic

Tags