[wp-hackers] WP exploit , was Re: [Webmaster Central Help] Site hacked.
Jeremy Clarke
jer at simianuprising.com
Wed Dec 2 18:30:00 UTC 2009
It's also worth going through any media uploads added since the attack
and making sure they are really images (downloading them to OSX and
checking that they have thumbnails in them worked for me). Some might
be PHP files that are being loaded somehow, depending on your server
config.
For the actual core files its definitely worth completely deleting
wp-admin and wp-includes and replacing them entirely with pristine
versions, nothing really to lose there.
--
Jeremy Clarke
Code and Design | globalvoicesonline.org
More information about the wp-hackers
mailing list