[Resolved] obfuscated code – can anyone decode?
the site is http://www.artcretedesigns.com
i’ve disabled the index.php file and it is pointing to the old html file.
it seems to be some kind of virus. it is showing up on all index files whether php html asp…
Hello to everybody. Is all the morning that I’m trying to decode or delete in some way my “double” base64 coding….I tried every thing, nothing…. and, unvelible, (in my template is working ok) I just deleted the command “get header” and “get footer” from index, page, search, etc. an I replaced them with a command “include”. I designed my footer (you can easily change the original one too removing completely the base 64 code using Dreamweaver or similar) and every thing works great.
I cannot believe it. I lost 5 hours and the solution was there!
I forgot. You have to save your footer.php (or header or whatelse) with another name, eg. footer2.php and live in the ROOT the original one running (alone and forgotten)
Sometimes this stuff can be encoded twenty times or more.
get_footermay get the code off your site but it doesn’t make you not-hacked. Someone got in. The door is still there and maybe there are additional back doors now. Whoever did this can come back. There may be other code that you haven’t found yet as well. You aren’t done.
Sorry, I post a reply to the wrong argument!!! My trick was just to delete advertise in WP Themes.
- The topic ‘[Resolved] obfuscated code – can anyone decode?’ is closed to new replies.