1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Wordpress Hacked

Discussion in 'Security' started by criticker, Jan 21, 2009.

  1. #1
    Hello,

    my blog TotalBlogal.net got hacked a while ago and I thought I cleaned everything up but Google punished my by placing my site on a PR0 for a while now. So I'm assuming that there is still a weird script on it adding weird porno links to my site.

    Anyone knows of a solution? Could someone maybe take a look? That would really make my day.
    SEMrush
     
    criticker, Jan 21, 2009 IP
    SEMrush
  2. krbsn

    krbsn Greenhorn

    Messages:
    28
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    11
    #2
    Yes I checked your wordpress , its version 2.7
    What is your old wordpress versiyon ? Ä°f it was wordpress 2.6 This versiyon has some security problem

    or maybe some plugin ? Please check this plugins version

    Did you use this plugin on your wordpress?

    
    2009-01-12 	Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection Vulnerability 	2111 	R		 D 		 seomafia
    2008-12-22 	Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln 	2773 	R		D 		GoLd_M
    2008-10-29 	Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit 	3823 	R		D 		t0pP8uZz
    2008-10-26 	WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln 	4219 	R		D 		boom3rang
    2008-10-17 	Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln 	4901 	R		D 		r45c4l
    2008-09-10 	Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit 	13095 	R		D 		iso^kpsbr
    2008-09-07 	Wordpress 2.6.1 SQL Column Truncation Vulnerability 	14873 	R		D 		irk4z
    2008-07-24 	Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit 	7773 	R		D 		SaO
    2008-04-22 	Wordpress Plugin Spreadsheet <= 0.6 SQL Injection Vulnerability 	8134 	R		D 		1ten0.0net1
    2008-03-31 	Wordpress Plugin Download (dl_id) SQL Injection Vulnerability 	9238 	R		D 		BL4CK
    2008-02-26 	Wordpress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple Vulnerabilities 	8005 	R		D 		Florinu
    2008-02-16 	Wordpress Photo album Remote SQL Injection Vulnerability 	10252 	R		D 		S@BUN
    2008-02-15 	Wordpress Plugin Simple Forum 1.10-1.11 SQL Injection Vulnerability 	6022 	R		D 		S@BUN
    2008-02-15 	Wordpress Plugin Simple Forum 2.0-2.1 SQL Injection Vulnerability 	5901 	R		D 		S@BUN
    2008-02-05 	Wordpress MU < 1.3.2 active_plugins option Code Execution Exploit 	7572 	R		D 		Alexander Concha
    2008-02-03 	Wordpress Plugin st_newsletter Remote SQL Injection Vulnerability 	4967 	R		D 		S@BUN
    2008-02-02 	Wordpress Plugin Wordspew Remote SQL Injection Vulnerability 	6691 	R		D 		S@BUN
    2008-02-02 	Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities 	3986 	R		D 		NBBN
    2008-01-30 	Wordpress Plugin WassUp 1.4.3 (spy.php to_date) SQL Injection Exploit 	4845 	R		D 		enter_the_dragon
    2008-01-30 	Wordpress Plugin Adserve 0.2 adclick.php SQL Injection Exploit 	5713 	R		D 		enter_the_dragon
    2008-01-27 	Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability 	7373 	R		D 		Houssamix
    2008-01-27 	Wordpress Plugin WP-Cal 0.3 editevent.php SQL Injection Vulnerability 	6191 	R		D 		Houssamix
    2008-01-19 	Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability 	9572 	R		D 		websec Team
    2008-01-06 	Wordpress Plugin Wp-FileManager 1.2 Remote Upload Vulnerability 	7027 	R		D 		Houssamix
    2007-12-11 	Wordpress <= 2.3.1 Charset Remote SQL Injection Vulnerability 	16435 	R		D 		Abel Cheung
    2007-12-05 	Wordpress Plugin PictPress <= 0.91 Remote File Disclosure Vulnerability 	6580 	R		D 		GoLd_M
    2007-11-01 	WordPress Plugin BackUpWordPress <= 0.4.2b RFI Vulnerability 	10347 	R		D 		S.W.A.T.
    2007-09-14 	Wordpress Multiple Versions Pwnpress Exploitation Tookit (0.2pub) 	19983 	R		D 		Lance M. Havok
    2007-06-26 	WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit 	18434 	R		D 		Alexander Concha
    2007-06-06 	Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit 	42412 	R		D 		Slappter
    2007-05-21 	Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit 	15921 	R		D 		waraxe
    2007-05-01 	Wordpress plugin myflash <= 1.00 (wppath) RFI Vulnerability 	10849 	R		D 		Crackers_Child
    2007-05-01 	Wordpress plugin wordTube <= 1.43 (wpPATH) RFI Vulnerability 	13176 	R		D 		K-159
    2007-05-01 	Wordpress plugin wp-Table <= 1.43 (inc_dir) RFI Vulnerability 	9605 	R		D 		K-159
    2007-04-29 	Wordpress Plugin myGallery <= 1.4b4 Remote File Inclusion Vulnerability 	12894 	R		D 		GoLd_M
    2007-04-03 	Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit 	16849 	R		D 		Sumit Siddharth
    2007-01-10 	Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit 	26015 	R		D 		rgod
    2007-01-07 	Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit 	20282 	R		D 		Stefan Esser
    2006-12-30 	Enigma 2 WordPress Bridge (boarddir) Remote File Include Vulnerability 	6304 	R		D 		xoron
    2006-05-25 	WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit 	21897 	R		D 		rgod
    2005-08-10 	Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit) 	11926 	R	M 	D 		str0ke
    2005-08-09 	Wordpress <= 1.5.1.3 Remote Code Execution 0-Day Exploit 	10707 	R	M 	D 		Kartoffelguru
    2005-06-30 	Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection Exploit 	10938 	R	M 	D 		James Bercegay
    2005-06-22 	WordPress <= 1.5.1.1 SQL Injection Exploit 	10937 	R		D 		Alberto Trivero
    2005-06-21 	WordPress <= 1.5.1.1 "add new admin" SQL Injection Exploit 	10863 	R		D 		RusH
    2004-10-10 	WordPress Blog HTTP Splitting Vulnerability 	8240 	R		D 		Tenable NS
    
    
    
    HTML:
     
    krbsn, Jan 21, 2009 IP
  3. criticker

    criticker Peon

    Messages:
    16
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    OMG - that looks really scarry. Thank you so much for taking the time. What do you think is the best way to get rid of those files. Man ... I hate spammers.
     
    criticker, Jan 21, 2009 IP
  4. krbsn

    krbsn Greenhorn

    Messages:
    28
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    11
    #4
    First of all your server must be quality and good folder permission! % 80

    after that your plugins,wordpress versions,buqs,exploits you can search that from milw0rm or the other security portal. % 19


    at the and your puswords difficulties and the others %1


    Thanks,
     
    krbsn, Jan 21, 2009 IP
  5. justdoit1

    justdoit1 Peon

    Messages:
    100
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #5
    http:\\blogsecurity.net/wordpress/tools/wp-scanner/
     
    justdoit1, Jan 25, 2009 IP