46.gif

Search (advanced search)
Use this Search form before posting, asking or make a new thread.
Tips: Use Quotation mark to search words (eg. "How To Make Money Online")

12-18-2018, 01:11 PM (This post was last modified: 12-18-2018 01:12 PM by Lumos.)
Post: #31
Thumbs Up RE: How to detect Malicious code in nulled or Free WordPress Themes and Plugins
Sahydian, I've been watching this wonderful thread since it 1st appeared to me in the new posts list a while back, thank you for sharing such valuable info.

I've become specifically concerned about the many reports of webshell infections.
It seems they are present in original addons from the big addon seller's sites - but noplace have I found a 'cure' showing how to locate this extra code and remove it.

Looking into reports about webshell shows that it opens backdoors into WP servers allowing exploits to happen very easily.

I've also kept track of this other thread which has several suggestions:
http://bestblackhatforum.com/Thread-GET-...E-Solution

Searching on 'webshell' here brings a startling 25 pages of results !!!
It is even present in such famous and original addons as Avada.
What do other folks here do about it ??
Mostly folks just criticize it as a FP and trash talk BKAV for making the FP.

Oddly enough, the BKAV folks started showing this was real way back in 2013, look:
Code:
http://security.bkav.com/home/-/blogs/some-webshell-hiding-techniques-and-detecting-solutions/normal
The above even includes a link to get a little tool to help detect webshell despite how it uses encryption and/or steganography.

Here are a couple of other places to find more webshell info:
Code:
https://dfarq.homeip.net/reversing-wordpress-malware/
https://blog.wpscans.com/finding-php-and-wordpress-backdoors-using-antivirus-and-indicator-of-compromise/
http://www.shelldetector.com/#home
There'e lots more to be seen - but most of it in not in english, sadly.

My suggestion for most folks is to always have a spare WP installation on free or cheap hosting using a free domain name - to have detection and protection addons installed and ready there, and to test any new addons one wishes to use on that, as sort of a sandbox.

Still, at the end of the day it would be great if someone could come forth with a way to reliably detect AND to remove webshell infections if/when they are present !!
Thanks
I totally despise board spammers and spambots !!!
06-04-2019, 03:57 AM
Post: #32
RE: How to detect Malicious code in nulled or Free WordPress Themes and Plugins
Very useful information. Thanks for sharing the tips
07-27-2019, 12:13 PM
Post: #33
RE: How to detect Malicious code in nulled or Free WordPress Themes and Plugins
Great post bro thanks Perfect 10
07-31-2019, 03:53 AM
Post: #34
RE: How to detect Malicious code in nulled or Free WordPress Themes and Plugins
(07-14-2016 06:48 AM)sahydian Wrote:  thanks for comments guys!
All I can say is
THANK YOU
A truly appreciated share
max reps left

Happydance Happydance Happydance Thanks
I can't stand a naked light bulb, any more than I can a rude remark or a vulgar action. Tennessee Williams




16.gif