Support » Fixing WordPress » Is someone trying to hack my blog?

  • Today when I logged in I see two comments awaiting moderation. But instead of a real comment, or spam, I see this:
    Bill845877422+ACc-,,+ACc-+ACc-,+ACc-,+ACc-2008-03-12 22:49:20+ACc-,+ACc-2008-03-12 22:49:20+ACc-,+ACc-+ACc-,+ACc-0+ACc-,+ACc-lynx+ACc-,+ACc-comment+ACc-,+ACc-0+ACc-,+ACc-0+ACc-),(+ACc-0+ACc-, +ACc-+ACc-, +A

    and the other comment I see this:
    +ACc- AND 1=0) UNION SELECT 1 FROM wp_users WHERE user_login=+ACc-admin+ACc- and substring(reverse(lpad(conv(substring(user_pass,1,1), 16, 2),4,+ACc-0+ACc-)),1,1)=+ACc-1+ACc- /*

Viewing 7 replies - 1 through 7 (of 7 total)
  • Looks like a sql injection attempt. Meaning they tried to either put or get information for you database that they shouldn’t have access to. As long as your running the latest version of wordpress you should be fine.

    Actually I just looked and I’m Running 2.1.3

    I went to GoDaddy who is hosting my account and requested an update, but the highest update they have is 2.2.1 Do you think this will be sufficient?

    No you really need to upgrade to the latest in the 2.3 branch. Upgrading isn’t all that difficult and the instructions are very detailed and step by step.

    I was just wondering this myself. I received 3 or 4 comments all in a row on one particular post today where the author’s field was filled in with something like this:

    ‘ AND 1=0) UNION SELECT 1 FROM wp_users WHERE user_login=’admin’ and substring(reverse(lpad(conv(substring(user_pass,1,1), 16, 2),4,’0′)),1,1)=’1′ /*
    (IP: ,

    I figured it was looking for “admin” accounts it could hack?

    I have the latest upgraded version of wordpress, and I also checked to make sure I didn’t have one of those “1” folders. Is this something to be concerned about?


    Does 2.3 protect against sql insertion hacks via comments? I upgraded today after two of my blogs were attacked at almost the same time.

    I had the same (or similar) attack attempt made against a blog of mine.

    Due to the environment it lives in, it would be far better if I could stick to the 2.0 branch for now.

    Is 2.0.11 “patched enough” to protect against these attacks, or do I absolutely need to be looking into 2.3.3?


    Yes 2.0.11 is up to date and the 2.0 branch will be updated until 2010 you can download from here.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Is someone trying to hack my blog?’ is closed to new replies.