it detected core file changes by codes base64_decode('IyBCRUdJTiBXb3JkUHJlc3MKPEl...
I could find some files I didn't catch nor wordfence. I had a very malicious hacker on a website and it was really dirty.
Really too many false positives. So what I'm supposed to do now?
No error message besides the 'Error occurred' message. This is clearly broken, at least for WP multisites.
Must plugin for a WordPress web site. You can use it in combo with kali linux, and build a secure wall to your web site..
After grabbing the latest hash tags from https://github.com/philipjohn/exploit-scanner-hashes, I was able to get this to scan my site. Awesome work!
I get the following message:
The file containing hashes of all WordPress core files appears to be missing; modified core files will no longer be detected and a lot more suspicious strings will be detected"
Then it lists 553 problems which is far too much.
Anyone know how to get it working?
Works but tedious time to check few thousands of line!
Need option for files/folder to scan, can reduce thousands of lines to check, or at least filter to Severe Level matches
Kept not finishing search and giving error message. UNINSTALL!
Every time I update WordPress, Exploit Scanner loses its hashes file and marks everything as compromised. The fact that you have to manually generate a replacement hashes file - there is no way through the GUI - means that it is of limited use to anyone bar expert users. And even then, its not guaranteed to work.
The developers don't seem to be keeping up pace with WordPress core development - the Plugin page lists 3.5.2 as latest supported version, whereas 3.8 is most up to date WP version as of writing.
You must log in to submit a review. You can also log in or register using the form near the top of this page.