Title: Hacked – db
Last modified: August 21, 2016

---

# Hacked – db

 *  [blackessej](https://wordpress.org/support/users/blackessej/)
 * (@blackessej)
 * [13 years, 1 month ago](https://wordpress.org/support/topic/hacked-db/)
 * A couple of my WordPress sites got hacked. I’ve manually updated to 3.5.1, and
   I’ve manually updated all plugin files as well. I changed my admin name AND password,
   as well as changed the db password in cPanel. I’ve also diligently checked through
   the entire WordPress core, themes folder, and uploads folder and found nothing.
   I’ve also tried disabling my child theme and all plugins. The malicious code,
   I believe therefore, is in my database, possibly in the wp_posts table. And that’s
   about where my knowledge on how to find and correct the problem ends, as I’m 
   not an experienced SQLer. I know that whatever it is keeps modifying files in
   the wp-includes folder, adding an iframe at the top of certain js files. But 
   when I try to search through my db for references to iframes, I find nothing.
   I keep installing a clean WP build, the site stays up for a little while, and
   then it throws me a fatal error after a while.
 * Anyone know how I can root out the problem in the db?

Viewing 3 replies - 1 through 3 (of 3 total)

 *  [Krishna](https://wordpress.org/support/users/1nexus/)
 * (@1nexus)
 * [13 years, 1 month ago](https://wordpress.org/support/topic/hacked-db/#post-3640580)
 * > Anyone know how I can root out the problem in the db?
 * You need to do that manually by going through the entire length of the database,
   by manually checking each database table, by searching and removing the problematic
   strings/ codes, and many more methods. It is really not that easy for a person
   who cannot identify strings/ codes that are malicious.
 * Remember that hackers usually leave back doors or holes through which they can
   easily walk in straight again and start their malicious stuff. So, removing all
   such back doors is one of the most important steps.
 * I would suggest that you read all of the resources that are usually provided
   for hacked sites.
 *  Thread Starter [blackessej](https://wordpress.org/support/users/blackessej/)
 * (@blackessej)
 * [13 years, 1 month ago](https://wordpress.org/support/topic/hacked-db/#post-3640623)
 * > You need to do that manually by going through the entire length of the database,
   > by manually checking each database table, by searching and removing the problematic
   > strings/ codes, and many more methods. It is really not that easy for a person
   > who cannot identify strings/ codes that are malicious.
 * Thanks, Krishna. This I have tried, but you’re right in that it’s difficult and
   I’m not knowledgeable enough to know how/where to look. Any links to excellent
   resources that I can try?
 *  [Krishna](https://wordpress.org/support/users/1nexus/)
 * (@1nexus)
 * [13 years, 1 month ago](https://wordpress.org/support/topic/hacked-db/#post-3640648)
 * Give a good read of these resources:
    [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779)
   [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
   [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)
   [http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html](http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html)
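
An added example, not part of the original thread or any poster's code: a sketch of the table-by-table search described in the first reply, which also decodes base64-looking runs so that a payload stored in encoded form (an assumed reason a plain search for "iframe" could come back empty) is still reported. It runs against an in-memory SQLite stand-in with constructed rows; a real WordPress database is MySQL, so the table enumeration would differ, and `decoded_layers`, `scan_database`, `build_sample_db` and the marker list are hypothetical names chosen for illustration.

```python
import base64
import re
import sqlite3

# Markers worth reviewing in stored content (assumed list; tune per site).
SUSPICIOUS = re.compile(
    r"<iframe|<script|eval\s*\(|base64_decode|fromCharCode|document\.write", re.I)
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")  # long base64-looking runs

def decoded_layers(text):
    """Yield the text itself, then the decoded form of each base64-looking run."""
    yield "plain", text
    for run in B64_RUN.findall(text):
        try:
            raw = base64.b64decode(run + "=" * (-len(run) % 4))
        except ValueError:  # not valid base64 after all
            continue
        yield "base64", raw.decode("utf-8", "ignore")

def scan_database(conn):
    """Return (table, column, rowid, layer, marker) for every suspicious text cell."""
    findings = []
    names = conn.execute("SELECT name FROM sqlite_master WHERE type='table'")
    for table in [row[0] for row in names]:
        columns = [row[1] for row in conn.execute(f'PRAGMA table_info("{table}")')]
        for rowid, *cells in conn.execute(f'SELECT rowid, * FROM "{table}"'):
            for column, cell in zip(columns, cells):
                layers = decoded_layers(cell) if isinstance(cell, str) else ()
                for layer, text in layers:
                    hit = SUSPICIOUS.search(text)
                    if hit:
                        findings.append((table, column, rowid, layer, hit.group(0).lower()))
    return findings

def build_sample_db():
    """Constructed sample data: clean rows plus one encoded payload in wp_options."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE wp_posts (ID INTEGER, post_content TEXT)")
    conn.execute("CREATE TABLE wp_options (option_name TEXT, option_value TEXT)")
    hidden = base64.b64encode(b'<iframe src="http://injected.example/"></iframe>').decode()
    conn.execute("INSERT INTO wp_posts VALUES (1, 'Hello world, an ordinary post.')")
    conn.execute("INSERT INTO wp_options VALUES ('blogname', 'My Site')")
    conn.execute("INSERT INTO wp_options VALUES ('widget_cache', ?)", (hidden,))
    return conn

if __name__ == "__main__":
    print(scan_database(build_sample_db()))
```

Each finding is a cell to review by hand, not proof of compromise; legitimate posts and widgets can contain `<script>` or `<iframe>` markup.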


The topic ‘Hacked – db’ is closed to new replies.

## Tags

 * [hacked wordpress](https://wordpress.org/support/topic-tag/hacked-wordpress/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 3 replies
 * 2 participants
 * Last reply from: [Krishna](https://wordpress.org/support/users/1nexus/)
 * Last activity: [13 years, 1 month ago](https://wordpress.org/support/topic/hacked-db/#post-3640648)
 * Status: not resolved

