WordPress › Support » wordpress hacked

eyebeat
Member
Posted 2 years ago #

Hi,

My blogs have been hacked and I found this backward code that is warned about in other posts in this forum. I found it but I have no idea what to do about it. Here it is:

FROM information_schema.PROCESSLIST
WHERE (
ID LIKE '%(edoced_46esab(lave%'
OR USER LIKE '%(edoced_46esab(lave%'
OR HOST LIKE '%(edoced_46esab(lave%'
OR DB LIKE '%(edoced_46esab(lave%'
OR COMMAND LIKE '%(edoced_46esab(lave%'
OR TIME LIKE '%(edoced_46esab(lave%'
OR STATE LIKE '%(edoced_46esab(lave%'
OR INFO LIKE '%(edoced_46esab(lave%'
)
LIMIT 0 , 30
esmi
Theme Diva & Forum Moderator
Posted 2 years ago #

http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottodestruct.com/blog/2009/hacked-wordpress-backdoors/
eyebeat
Member
Posted 2 years ago #

Been to all of those links and tried to follow their suggestions to the best of my ability.
James
Happiness Engineer
Posted 2 years ago #

Just like the guides say, remove the suspicious code. If it's a core WordPress file, just replace it with the file from a fresh download.

Topic Closed

This topic has been closed to new replies.