WordPress.org

Support

Support » Requests and Feedback » the latest of WP just got hacked

the latest of WP just got hacked

  • While I was busy posting on go0d.com I saw that the blog has been hacked and it must have happened at about the same time that I was posting.

    http://go0d.com/?p=3

    I am wondering if you know where the exploit is and how to fix it?

    thank you

Viewing 5 replies - 1 through 5 (of 5 total)
  • umm, and what there suggests a hack?

    fix the permissions on wp-includes/compat.php so that THIS isnt happening:

    http://go0d.com/wp-includes/compat.php

    Forbidden
    You don’t have permission to access /wp-includes/compat.php on this server.

    Youve been messing with something, as even google’s cache of your site shows it without a theme.

    Crying wolf about being hacked is a bad idea, honestly — if you dont know for sure, dont do it.

    please – check again… http://go0d.com/?p=3
    I wasn’t crying wolf at all, a friend was trying
    to help with denying anyone’s access to the blog,
    as he did not know that I wrote here on the forum…
    thank you

    yah, ok, fair enough. My bad. Im sorry.

    thats a remote shell.

    might be wordpress related, might not.

    If you can locate your server logs AND your ftp logs, you can more than likely track down the entry point.

    I would be looking around on your server to see if thats an actual file, OR if its code thats been added .. Ill bet its a file, and its been included.

    You want to get the timestamp on that file, so you can compare the timestamp to anything that in those logs.

    By the way, your site is completely compromised, assuming any of those commands were executed.

    If this were mine — I would grab a backup of my database from phpmyadmin — and shitcan EVERYTHING after doing that.

    Start over — fresh database, fresh password. Fresh WP install, fresh admin passwd(s). Fresh files, and safe permissions.

    All of that, after I hunted down that file and got the timestamp so I could compare it to anything I located in the logs.

    Thank you for your input whooami, I will do
    as you suggested
    have a good night

    have a good night

    thanks, I wish i could say the same for you, but I dont think you will. 🙁

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘the latest of WP just got hacked’ is closed to new replies.