[wp-hackers] Reporting WordPress exploits?

Jess Planck jess at funroe.net
Thu Feb 5 17:27:28 GMT 2009


Sometimes you can check modification dates on files and match those  
times with dates in your raw web traffic logs. Also look for bizarre  
http strings and variables. If the server was compromised from the web  
and not fully compromised the information may be available. If the  
server was compromised by other means or fully compromised an intruder  
may be able to cover their tracks.

On Feb 5, 2009, at 11:19 AM, Mindshare Studios wrote:

> Could you elaborate on how one might identify "where the injection
> occurred"? What should I look for?



More information about the wp-hackers mailing list