WordPress.org

Ready to get started?Download WordPress

Forums

AntiVirus
TimThumb.php (2 posts)

  1. rotello
    Member
    Posted 1 year ago #

    I ve a couple of website with Gabfire theme, they use timThumb...
    since August 2011 (when hackers used timthumb.php to make disaster) i m using a wp plug in to keep it updated.
    So It SHOULD be safe...
    Never the less the Antivirus have a lot of warnings...
    are they false positive ?

    thank?

    rot

    ps if you need the code with warnings i can copy and paste

    http://wordpress.org/extend/plugins/antivirus/

  2. gpsy1
    Member
    Posted 1 year ago #

    Im getting virus suspected message when i scan with antivirus there is the message below, but im not sure what does it mean. When i scan with other antivirus or web based antivirus scan nothing is detected. Can anybody help?

    /themes/Canyon/timthumb.php

    $imgData = base64_decode("R0lGODlhUAAMAIAAAP8AAP///yH5BAAHAP8ALAAAAA ...

    ... WXfNa6JCLnWkXplrcBmW+spbwvaVr/cDyg7IoFC2KbYVC2NQ5MQ4ZNao9Ynzjl9ScNYpneb DULB3RP6JuPuaGfuuV4fumf8Puvq ...

    ... C2NQ5MQ4ZNao9Ynzjl9ScNYpnebnDULB3RP6JuPuaGfuuV4fumf8PuvqFyhYtjdoeFgAADs=");

    if(! is_file($this->cachefile)){

    } else if(is_file($this->cachefile)){ //If it's not a local reque ...

    if(! is_file($lastCleanFile)){

    ... 'png' && OPTIPNG_ENABLED && OPTIPNG_PATH && @is_file(OPTIPNG_PATH)){
    ... ng' && PNGCRUSH_ENABLED && PNGCRUSH_PATH && @is_file(PNGCRUSH_PATH)){

    s if(is_file($tempfile2)){

    $fp = fopen($tempfile,'r',0,$context);

    file_put_contents($tempfile4, $this->filePrependSecurityBlo ...
    s file_put_contents($tempfile4, $fp, FILE_APPEND);

    fclose($fp);

    $fh = fopen($lockFile, 'w');
    fclose($fh);

    fclose($fh);

    if(is_file($file)){

    if(! is_file(WEBSHOT_CUTYCAPT)){

    if(! is_file(WEBSHOT_XVFB)){

    if(! is_file($tempfile)){

    if(! is_file($this->cachefile)){

    $fp = fopen($this->cachefile, 'rb');

    $imgType = fread($fp, 3);

    $bytesSent = @fpassthru($fp);

    fclose($fp);

    $content = file_get_contents ($this->cachefile);

    self::$curlFH = fopen($tempfile, 'w');

    $curl = curl_init($url);

    $curlResult = curl_exec($curl);

    fclose(self::$curlFH);

    $img = @file_get_contents ($url);

    if(! file_put_contents($tempfile, $img)){

    s $bytes = @readfile($file);

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic