[wp-hackers] Black Hat Chinese Hackers - Looking for your input

David Weitz dabbaking at gmail.com
Mon Jun 2 21:22:04 GMT 2008


I was about to say something witty because I thought it was another 
cracker trying to get some info. There is probably a hole somewhere in 
the software if this is continuing to happen. I would try to look at the 
logs and see if there is an IP address trying to access some weird URL 
string. If there's nothing there, I would see if it may be something 
else on the server creating a vulnerability in MySQL allowing them to 
add an administrator account to the database.

Dave

MLR wrote:
> Hi Guys,
>
> I have noticed two things:
> - The combination of the Words WordPress and Hack mostly return topics
> about making WP do cool things (the spirit of this mailing list)
> - Most requests for info about fixing hacked blogs are dead ends on
> wordpress.org
>
> Today I am trying to fix a hacked blog without simply starting over. I
> want to know what happened to create the following problem:
>
> All request in the address bar to ANY wp-admin files returns a 404 error.
>
> the .htaccess file seems clean.
>
> All files were at 2.5.1
>
> I have already overwritten all files in sequence to spot which one
> would have rogue code.
>
> I checked the theme it seems fine (no encoded bits of javascript or rogue code)
>
> I have removed the javascript functions at the bottom of the index.php
> that a bot inserts everyday on the site.
>
> Your pointers will definitely help me understand the source of the issue.
>
> What is your opinion on the usefullness of this plugin?
> http://www.askapache.com/wordpress/htaccess-password-protect.html
>
> (I know this is easely done the classic way but don't we all have a
> gazillion blogs to manage!?!)
>
>
> Thanks a lot,
> Marie-Lynn
> http://www.friendly-webmaster.com
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
>   


More information about the wp-hackers mailing list