iframe injections into themes

  • needsomeanswers

    (@needsomeanswers)


    11 years, 4 months ago

    I have recently been hacked on a self hosting Redhat server. As a result, all of my theme folders have been hacked with an iframe injection.

    I have 400+ themes installed so reinstalling them all one-by-one isn’t really an option.

    I would delete them all and just have my users reinstall what they would like, but if i delete them, the wordpress sites don’t work.

    So my question is how do i either (a)reinstall them (b)delete them and still keep the sites working.

    Thank you!

Viewing 10 replies - 1 through 10 (of 10 total)
  • tomontoast

    (@tomontoast)

    11 years, 4 months ago

    If all the themes are on downloads.wordpress.org then you could probably write a script to download and install all the themes.

    If you delete the themes the sites will still work but with the default twenty eleven or twenty twelve theme (if it exists)

    Thread Starter needsomeanswers

    (@needsomeanswers)

    11 years, 4 months ago

    I don’t even know where to start on a script that would do that.

    I tried to delete all the themes – but there isn’t one that loads in its place. The only thing that comes up is a white, blank screen.

    tomontoast

    (@tomontoast)

    11 years, 4 months ago

    Try looking at the default wordpress theme installer and adapt it to install more than one theme.

    You need to leave at least the default twenty eleven or twenty twelve theme otherwise you do just get a blank screen.

    Thread Starter needsomeanswers

    (@needsomeanswers)

    11 years, 4 months ago

    What is the default wordpress theme installer?

    I have left the twentyten, twentyeleven, and twentytwelve themes inside. Along with index.php. Still blank.

    tomontoast

    (@tomontoast)

    11 years, 4 months ago

    Thats weird maybe due to it being multisite.

    See http://core.trac.wordpress.org/browser/trunk/wp-admin/update.php

    Thread Starter needsomeanswers

    (@needsomeanswers)

    11 years, 4 months ago

    does anyone know how to reset all blogs to just one theme?

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Advisor and Activist

    11 years, 4 months ago

    You’d have to edit the either in the DB or the network admin -> Sites -> edit method.

    Thread Starter needsomeanswers

    (@needsomeanswers)

    11 years, 4 months ago

    I’ve tried to edit the DB, but i don’t think i am updating the right table. If i type in “SHOW TABLES;”, it will list thousands of “wp_” rows.

    Do we know which table exactly to edit?

    Thread Starter needsomeanswers

    (@needsomeanswers)

    11 years, 4 months ago

    What about reinstalling all themes? Since all of my themes have been clouded in maleware, i can just re-download a fresh copy of all of them.

    I have messed around with “wget http://wordpress.org/extend/themes/download/twentyten.1.5.zip” and it works. I can also get each theme name. The only problem is that i don’t know the version numbers of all of my themes.

    Does anyone know of a way to download 400+ themes without knowing the version number?

    *or of course doing them one by one

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Advisor and Activist

    11 years, 4 months ago

    wp_x_options

    You want to edit template and stylesheet

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘iframe injections into themes’ is closed to new replies.