[wp-hackers] Black Hat Chinese Hackers - Looking for your input
dabbaking at gmail.com
Mon Jun 2 21:22:04 GMT 2008
I was about to say something witty because I thought it was another
cracker trying to get some info. There is probably a hole somewhere in
the software if this is continuing to happen. I would try to look at the
logs and see if there is an IP address trying to access some weird URL
string. If there's nothing there, I would see if it may be something
else on the server creating a vulnerability in MySQL allowing them to
add an administrator account to the database.
> Hi Guys,
> I have noticed two things:
> - The combination of the Words WordPress and Hack mostly return topics
> about making WP do cool things (the spirit of this mailing list)
> - Most requests for info about fixing hacked blogs are dead ends on
> Today I am trying to fix a hacked blog without simply starting over. I
> want to know what happened to create the following problem:
> All request in the address bar to ANY wp-admin files returns a 404 error.
> the .htaccess file seems clean.
> All files were at 2.5.1
> I have already overwritten all files in sequence to spot which one
> would have rogue code.
> that a bot inserts everyday on the site.
> Your pointers will definitely help me understand the source of the issue.
> What is your opinion on the usefullness of this plugin?
> (I know this is easely done the classic way but don't we all have a
> gazillion blogs to manage!?!)
> Thanks a lot,
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers