Title: SQL injection/wordpress hacked Last modified: August 20, 2016 --- # SQL injection/wordpress hacked * [tyrspawn](https://wordpress.org/support/users/tyrspawn/) * (@tyrspawn) * [15 years ago](https://wordpress.org/support/topic/sql-injectionwordpress-hacked/) * In the middle of the night I noticed that my website was re-directing to somewhere, although it never loaded any other pages, it would just stall indefinitely. I found this injected into my index.php: * [http://pastebin.com/e9mXJZRh](http://pastebin.com/e9mXJZRh) * Removing the injection fixes my website, but it seems to return every night at around 3 AM eastern. I would love some help tracking it down. I tried to search for parts of that in phpmyadmin, but I have never dealt with anything like this before and don’t really know what to search for, or what to do. Please help. * Oh and I know plugins might be related to this. I am/was running: * Akismet Twitter Tools 2.4 WordPress Database Backup * The wordpress database backup randomly stopped working awhile back, so something might be broken with it. Regardless, I disabled that plugin now. I doubt Akismet or Twitter Tools are causing a problem, but i’m open to your ideas. Viewing 2 replies - 1 through 2 (of 2 total) * Moderator [keesiemeijer](https://wordpress.org/support/users/keesiemeijer/) * (@keesiemeijer) * [15 years ago](https://wordpress.org/support/topic/sql-injectionwordpress-hacked/#post-2113475) * [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked) [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779) [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/) [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/) * Thread Starter [tyrspawn](https://wordpress.org/support/users/tyrspawn/) * (@tyrspawn) * [15 years ago](https://wordpress.org/support/topic/sql-injectionwordpress-hacked/#post-2113678) * I changed my wordpress login/password, sql password and admin password for my website. Today I found a new injection, my DB is apparently still compromised( I assume it’s my DB at least). * [http://pastebin.com/Qs066QGJ](http://pastebin.com/Qs066QGJ) * Some more details: * The injection is a re-direct which keeps attempting to re-direct to BRUTERGASED. INFO * The injection is a trojan, redirme-inf. That’s what avast anti virus is picking up. I would appreciate help… * I deleted the store of all my spam comments, so I don’t think its hiding in a comment somewhere. I’m not sure where else it would, or what to search for. I have phpmyadmin and can do search queries, but have no idea what it would look like. I tried searching for eval and lave as per one of those thinks, and some other keywords, but was unable to find anything . Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘SQL injection/wordpress hacked’ is closed to new replies. ## Tags * [sql injection](https://wordpress.org/support/topic-tag/sql-injection/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 2 replies * 2 participants * Last reply from: [tyrspawn](https://wordpress.org/support/users/tyrspawn/) * Last activity: [15 years ago](https://wordpress.org/support/topic/sql-injectionwordpress-hacked/#post-2113678) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics