| Search (advanced search) | ||||
Use this Search form before posting, asking or make a new thread.
|
|
02-12-2016, 08:09 AM
Post: #11
|
|||
|
|||
|
RE: Have I been hacked? PHP script in core wordpress file
last thing , reply to 2nd poster , the site was not hacked the theme ,plugin was cracked by a cracker and he him self modified the code so people install it without knowing anything and what this shit does is , force re-directs users to his money site , to gain free traffic.
|
|||
|
02-15-2016, 09:25 PM
Post: #12
|
|||
|
|||
RE: Have I been hacked? PHP script in core wordpress file
(02-12-2016 08:06 AM)hanna21 Wrote: here is more code to search Thanks a lot for your reply. I've put the code PHP Code: find . -name "*.php" -print0 | xargs -0 egrep -l 'eval\(base64_decode\(' >> infectedfiles.txt in Putty ssh, I made sure I was in the correct directory, this code created the file infectedfiles.txt correctly as you said however it did not get any text put inside this file. Even if I search something I know for sure is in a php file it still does not find it and put it in infectedfiles.txt so I am not sure what is going on with this? For example: PHP Code: find . -name "*.php" -print0 | xargs -0 egrep -l 'global $blog_id;' >> infectedfiles.txt I know global $blog_id; is in wp-settings.php but it doesn't find it in Putty? I do have multiple wordpress sites hosted in subdirectories on the server. It appears that the infected code had got into every single nav-menu.php on the server somehow, I have reinstalled Wordpress and deleted any suspicious plugins/themes. Thanks |
|||
