HACKED....but....cannot access dashboard to fix. (5 posts)

  1. copper
    Posted 6 years ago #

    Yes, I'm a victim of this hack going around as discussed in the sticky post. I have a blog that I haven't updated in ages, hence I haven't updated my version of WP in forever. Please don't lecture me on this account; obviously I've learned my lesson.

    Both of my sites are affected, one is a WP blog, the other is not but has remnants of files of an old WP blog backup.

    I would love to follow the instructions on this page:


    yet I cannot access my dashboard to fix the problems, export my content, or update WP. I just get the "REPORTED ATTACK SITE!" warning wherever I go on my sites, even when I go to my bookmarked admin login page. Even if I click the little "ignore this warning" link. I get a plain-text login page, so I log in, but that brings me right back to the red warning page.

    I know I could do a file/database backup and do a fresh install, but I'm trying to avoid that as I don't have Dreamhost admin status; I'm using a friend's server space. Though if need be I'll contact her.

    Any help with accessing my WP dashboard would be very much appreciated.

    If this issue has already been discussed I apologize, but I searched all over the place and found nothing.


    tremblings.com (WP blog)
    blackravenvintage.com (no blog, but there are remnants of an old WP blog backup)

  2. Roy
    Posted 6 years ago #

    Do you have FTP access, or even better, a file manager in your control panel? If so, check the other threads to learn which are mostly the edited and added files and edit them back, see if that helps you gaining access to your admin.

  3. copper
    Posted 6 years ago #

    Hi Gangleri, thanks for the reply.

    I do have FTP access, but I'm not totally sure, even after reading related posts, which files to edit.

    However, I do see the "eval/decode" iframe thingy followed by a bunch of meaningless text jargon in the index.php files for each theme. I can certainly edit and upload those files. I'm not sure which file to edit to get rid the the hidden user, though?

    My sites are listed as attack sites through Google. Not sure if I can pass the Google review or whatnot without deleting the extra user even if I edit the index files? And without passing the review I will never be able to access admin, I'm guessing. I cannot even verify my sites through Google Webmaster Tools.

    Does this make any sense?

  4. whooami
    Posted 6 years ago #

    hey copper,

    you cant fix this through your admin area, totally, and you dont need to worry about editing files. Delete any files that have been altered and upload clean ones in their place.

    if you need help, shoot me an email, ill give you a hand.


    everything you mention gets taken care of as you go through the process of cleaning things up.

  5. copper
    Posted 6 years ago #

    Thanks so much whooami.... I'll try my best to replace the files that have been corrupted and if I'm still having problems I'll drop you a line!

Topic Closed

This topic has been closed to new replies.

About this Topic