[wp-hackers] WP exploit , was Re: [Webmaster Central Help] Site hacked.

Malaiac malaiac at gmail.com
Wed Dec 2 09:07:18 UTC 2009


2009/11/27 Malaiac <malaiac at gmail.com>:
> Regarding http://www.google.com/support/forum/p/Webmasters/thread?fid=2bb823d5af6173a00004794fff8f89b7&hl=en
>
> it seems this is an exploit from older versions of WP.
>
> One of my sites had been hacked with it. Upgrading to 2.8.6 and
> overwriting the wp-settings.php file did the job.

Oops.
upgrading to 2.8.6 only fixed the problem for a few days before the
hacker went on it again.

See the actual hacking on
http://www.google.fr/search?rlz=1C1CHMP_frFR291FR301&sourceid=chrome&ie=UTF-8&q=site:lestelechargements.fr
Front page is ok when viewed with a human user agent, but just check
the front page with a Googlebot user agent and you'll get the
prescription.

wp-settings.php is clean, as are  .htaccess and index.php

Another subdomain setup on the same domain (
http://musique.lestelechargements.fr/ ) is fine.

Any idea where to search for the exploit ?

M


More information about the wp-hackers mailing list