[wp-hackers] Hacked blogs

Chris Jean gaarai at gaarai.com
Thu Mar 26 16:05:13 GMT 2009

I'm curious Joost. If you do that request to the site, does the exploit 
work. It's possible that it doesn't even work and isn't worth time 

Chris Jean

Joost de Valk wrote:
> Exactly, it's a check.
> Going through the access logs I can't find anything else yet though, 
> what we DO see on one of the hosts is that the "infected" files were 
> uploaded through FTP (we can see that in the xfer.log), but if I'm not 
> mistaken, that could still be done through XSS right?
> Dinh Ba Thanh wrote:
>> If the attacker is able to inject that chunk of code, other things 
>> could be include as well, eg: shell
>> Best Regards,
>> Dinh Ba Thanh, Jason
>> bathanh at gmail.com

More information about the wp-hackers mailing list