[wp-hackers] Free themes have backlinks and backdoors inserted in code?

Otto otto at ottodestruct.com
Mon Jan 26 18:18:45 GMT 2009


On Mon, Jan 26, 2009 at 9:12 AM, scribu <scribu at gmail.com> wrote:
> On Mon, Jan 26, 2009 at 4:39 PM, Otto <otto at ottodestruct.com> wrote:
>
>> True, but at the same time it could be useful as a early warning
>> device. I've seen a plugin along these lines, but I can't find it
>> anywhere now. :(
>>
>
> I think you mean http://wordpress.org/extend/plugins/exploit-scanner/

No, this was a different one. Donncha's exploit scanner does do this
to some degree, but it's looking specifically for exploits, not for
suspicious code. It's search strings are only known exploits. Also,
it's doing MD5 on all the files in order to find changes later, in
case a file gets altered.

-Otto


More information about the wp-hackers mailing list