eval in php file triggering a virus alert | WordPress.org

Resolved brent3721
(@brent3721)

11 years, 4 months ago
I just got an alert from my virus scanner that the file in js/min/ called jquery-ui-dialog.php might have a virus.

I opened the file and it’a a base 64 eval
```
<?php
eval(gzinflate(base64_decode('.... I'm removing a ton of code here.....')));
?>
```
is this normal or do i have a virus in the plugin ?

https://wordpress.org/plugins/crayon-syntax-highlighter/

Viewing 3 replies - 1 through 3 (of 3 total)

Moderator Jan Dembowski
(@jdembowski)

Forum Moderator and Brute Squad

11 years, 4 months ago

Your site is hacked. You need to start working your way through these resources:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Additional Resources:
Hardening WordPress
http://sitecheck.sucuri.net/scanner/
http://www.unmaskparasites.com/
http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
http://blog.sucuri.net/2010/07/understanding-and-cleaning-the-pharma-hack-on-wordpress.html

Thread Starter brent3721
(@brent3721)

11 years, 4 months ago

ugh…

Plugin Author akarmenia
(@akarmenia)

11 years, 4 months ago

Good to see it’s not an issue affecting all users at least.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘eval in php file triggering a virus alert’ is closed to new replies.

Tags

eval

3 replies
3 participants
Last reply from: akarmenia
Last activity: 11 years, 4 months ago
Status: resolved