Support » Networking WordPress » iframe injections into themes

  • NeedSomeAnswers

    (@needsomeanswers)


    I have recently been hacked on a self hosting Redhat server. As a result, all of my theme folders have been hacked with an iframe injection.

    I have 400+ themes installed so reinstalling them all one-by-one isn’t really an option.

    I would delete them all and just have my users reinstall what they would like, but if i delete them, the wordpress sites don’t work.

    So my question is how do i either (a)reinstall them (b)delete them and still keep the sites working.

    Thank you!

Viewing 10 replies - 1 through 10 (of 10 total)
  • tomontoast

    (@tomontoast)

    If all the themes are on downloads.wordpress.org then you could probably write a script to download and install all the themes.

    If you delete the themes the sites will still work but with the default twenty eleven or twenty twelve theme (if it exists)

    NeedSomeAnswers

    (@needsomeanswers)

    I don’t even know where to start on a script that would do that.

    I tried to delete all the themes – but there isn’t one that loads in its place. The only thing that comes up is a white, blank screen.

    tomontoast

    (@tomontoast)

    Try looking at the default wordpress theme installer and adapt it to install more than one theme.

    You need to leave at least the default twenty eleven or twenty twelve theme otherwise you do just get a blank screen.

    NeedSomeAnswers

    (@needsomeanswers)

    What is the default wordpress theme installer?

    I have left the twentyten, twentyeleven, and twentytwelve themes inside. Along with index.php. Still blank.

    tomontoast

    (@tomontoast)

    Thats weird maybe due to it being multisite.

    See http://core.trac.wordpress.org/browser/trunk/wp-admin/update.php

    NeedSomeAnswers

    (@needsomeanswers)

    does anyone know how to reset all blogs to just one theme?

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Halfelf Rogue & Plugin Review Team Rep

    You’d have to edit the either in the DB or the network admin -> Sites -> edit method.

    I’ve tried to edit the DB, but i don’t think i am updating the right table. If i type in “SHOW TABLES;”, it will list thousands of “wp_” rows.

    Do we know which table exactly to edit?

    What about reinstalling all themes? Since all of my themes have been clouded in maleware, i can just re-download a fresh copy of all of them.

    I have messed around with “wget http://wordpress.org/extend/themes/download/twentyten.1.5.zip” and it works. I can also get each theme name. The only problem is that i don’t know the version numbers of all of my themes.

    Does anyone know of a way to download 400+ themes without knowing the version number?

    *or of course doing them one by one

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Halfelf Rogue & Plugin Review Team Rep

    wp_x_options

    You want to edit template and stylesheet

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘iframe injections into themes’ is closed to new replies.