Best Blackhat Forum

Full Version: WORDPRESS SECURITY ALERT!!! MUST READ
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hello mates,
I received this email this morning from Wordfence about a new hacking threat
to your WordPress site (that is if you use WordPress) and thought it a good read
for everyone here...


"This morning, Brad Haas, our Security Services Team lead,
has written a blog post describing how attackers
are exploiting a file that is commonly used for site maintenance.
We have seen a rise in malicious scans trying to find this file,
so we wanted to make the community aware of the dangers
associated with it.

We include detailed screenshots showing how it works, how
the file is exploited and how to detect it if you have it on
your system. We also include instructions for what to do
if you have been hacked.

You can read the full post on our blog"
...


Code:
https://www.wordfence.com/blog/2017/07/searchreplacedb2-security/?utm_source=list&utm_medium=email&utm_campaign=072517

Hope this helps you in mitigating any possible future agony and frustration.

Regards,
ebizmoney
Thanks for the 'heads-up'.

But to avoid everyone panicking (and having read the entire article) this hack ONLY APPLIES if you have added a particular 'search and replace' plugin tool to your site

i.e. it does NOT apply to most 'normal' Wordpress installations.

Here's the relevant summary:

Several years ago, web publishing company Interconnect/IT released a handy tool for finding and replacing text in a website’s database. This tool, a stand-alone file published as searchreplacedb2.php, includes built-in WordPress compatibility that makes working with WordPress databases a breeze.


So, if you don't use this tool, you have nothing to worry about.

HTH ;-)
Thank you so much for let us know about this info. I didn't know about this. Great info so far. lol
I like WordFence. It's a great free security plugin. Use it on all my sites.
(07-27-2017 10:09 PM)kirstie Wrote: [ -> ]Thanks for the 'heads-up'.

But to avoid everyone panicking (and having read the entire article) this hack ONLY APPLIES if you have added a particular 'search and replace' plugin tool to your site

i.e. it does NOT apply to most 'normal' Wordpress installations.

Here's the relevant summary:

Several years ago, web publishing company Interconnect/IT released a handy tool for finding and replacing text in a website’s database. This tool, a stand-alone file published as searchreplacedb2.php, includes built-in WordPress compatibility that makes working with WordPress databases a breeze.


So, if you don't use this tool, you have nothing to worry about.

HTH ;-)

Thanks for the sum-up. I use WordFence on my setups and it is usually super on top of stuff. Glad I don't have a special search plugin.
Thanks for the share.
Hmmm it would be interesting to set up a honey pot with that plugin to catch any hackers that want to try and steal your info. Instead you catch them and give them the appearance they've gained access, and instead get them to fork over information about themselves to you like their real IP or even display a message to them.
Thanks for sharing this bud.Never got to hear about this.
Reference URL's