Wordpress Hacked

Discussion in 'Security' started by criticker, Jan 21, 2009.

  1. #1
    Hello,

    my blog TotalBlogal.net got hacked a while ago and I thought I cleaned everything up, but Google punished me by placing my site on PR0 for a while now. So I'm assuming that there is still a weird script on it adding weird porno links to my site.

    Does anyone know of a solution? Could someone maybe take a look? That would really make my day.
     
    criticker, Jan 21, 2009 IP
  2. krbsn
    #2
    Yes, I checked your WordPress, it's version 2.7.
    What was your old WordPress version? If it was WordPress 2.6, that version has some security problems.

    Or maybe some plugin? Please check these plugins' versions.

    Did you use any of these plugins on your WordPress?

    
    2009-01-12 	Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection Vulnerability 	2111 	R		 D 		 seomafia
    2008-12-22 	Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln 	2773 	R		D 		GoLd_M
    2008-10-29 	Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit 	3823 	R		D 		t0pP8uZz
    2008-10-26 	WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln 	4219 	R		D 		boom3rang
    2008-10-17 	Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln 	4901 	R		D 		r45c4l
    2008-09-10 	Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit 	13095 	R		D 		iso^kpsbr
    2008-09-07 	Wordpress 2.6.1 SQL Column Truncation Vulnerability 	14873 	R		D 		irk4z
    2008-07-24 	Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit 	7773 	R		D 		SaO
    2008-04-22 	Wordpress Plugin Spreadsheet <= 0.6 SQL Injection Vulnerability 	8134 	R		D 		1ten0.0net1
    2008-03-31 	Wordpress Plugin Download (dl_id) SQL Injection Vulnerability 	9238 	R		D 		BL4CK
    2008-02-26 	Wordpress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple Vulnerabilities 	8005 	R		D 		Florinu
    2008-02-16 	Wordpress Photo album Remote SQL Injection Vulnerability 	10252 	R		D 		S@BUN
    2008-02-15 	Wordpress Plugin Simple Forum 1.10-1.11 SQL Injection Vulnerability 	6022 	R		D 		S@BUN
    2008-02-15 	Wordpress Plugin Simple Forum 2.0-2.1 SQL Injection Vulnerability 	5901 	R		D 		S@BUN
    2008-02-05 	Wordpress MU < 1.3.2 active_plugins option Code Execution Exploit 	7572 	R		D 		Alexander Concha
    2008-02-03 	Wordpress Plugin st_newsletter Remote SQL Injection Vulnerability 	4967 	R		D 		S@BUN
    2008-02-02 	Wordpress Plugin Wordspew Remote SQL Injection Vulnerability 	6691 	R		D 		S@BUN
    2008-02-02 	Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities 	3986 	R		D 		NBBN
    2008-01-30 	Wordpress Plugin WassUp 1.4.3 (spy.php to_date) SQL Injection Exploit 	4845 	R		D 		enter_the_dragon
    2008-01-30 	Wordpress Plugin Adserve 0.2 adclick.php SQL Injection Exploit 	5713 	R		D 		enter_the_dragon
    2008-01-27 	Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability 	7373 	R		D 		Houssamix
    2008-01-27 	Wordpress Plugin WP-Cal 0.3 editevent.php SQL Injection Vulnerability 	6191 	R		D 		Houssamix
    2008-01-19 	Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability 	9572 	R		D 		websec Team
    2008-01-06 	Wordpress Plugin Wp-FileManager 1.2 Remote Upload Vulnerability 	7027 	R		D 		Houssamix
    2007-12-11 	Wordpress <= 2.3.1 Charset Remote SQL Injection Vulnerability 	16435 	R		D 		Abel Cheung
    2007-12-05 	Wordpress Plugin PictPress <= 0.91 Remote File Disclosure Vulnerability 	6580 	R		D 		GoLd_M
    2007-11-01 	WordPress Plugin BackUpWordPress <= 0.4.2b RFI Vulnerability 	10347 	R		D 		S.W.A.T.
    2007-09-14 	Wordpress Multiple Versions Pwnpress Exploitation Tookit (0.2pub) 	19983 	R		D 		Lance M. Havok
    2007-06-26 	WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit 	18434 	R		D 		Alexander Concha
    2007-06-06 	Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit 	42412 	R		D 		Slappter
    2007-05-21 	Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit 	15921 	R		D 		waraxe
    2007-05-01 	Wordpress plugin myflash <= 1.00 (wppath) RFI Vulnerability 	10849 	R		D 		Crackers_Child
    2007-05-01 	Wordpress plugin wordTube <= 1.43 (wpPATH) RFI Vulnerability 	13176 	R		D 		K-159
    2007-05-01 	Wordpress plugin wp-Table <= 1.43 (inc_dir) RFI Vulnerability 	9605 	R		D 		K-159
    2007-04-29 	Wordpress Plugin myGallery <= 1.4b4 Remote File Inclusion Vulnerability 	12894 	R		D 		GoLd_M
    2007-04-03 	Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit 	16849 	R		D 		Sumit Siddharth
    2007-01-10 	Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit 	26015 	R		D 		rgod
    2007-01-07 	Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit 	20282 	R		D 		Stefan Esser
    2006-12-30 	Enigma 2 WordPress Bridge (boarddir) Remote File Include Vulnerability 	6304 	R		D 		xoron
    2006-05-25 	WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit 	21897 	R		D 		rgod
    2005-08-10 	Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit) 	11926 	R	M 	D 		str0ke
    2005-08-09 	Wordpress <= 1.5.1.3 Remote Code Execution 0-Day Exploit 	10707 	R	M 	D 		Kartoffelguru
    2005-06-30 	Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection Exploit 	10938 	R	M 	D 		James Bercegay
    2005-06-22 	WordPress <= 1.5.1.1 SQL Injection Exploit 	10937 	R		D 		Alberto Trivero
    2005-06-21 	WordPress <= 1.5.1.1 "add new admin" SQL Injection Exploit 	10863 	R		D 		RusH
    2004-10-10 	WordPress Blog HTTP Splitting Vulnerability 	8240 	R		D 		Tenable NS
    krbsn, Jan 21, 2009 IP
  3. criticker
    #3
    OMG, that looks really scary. Thank you so much for taking the time. What do you think is the best way to get rid of those files? Man ... I hate spammers.
     
    criticker, Jan 21, 2009 IP
  4. krbsn
    #4
    First of all, your server must be good quality with good folder permissions! 80%

    After that, your plugins, WordPress version, bugs and exploits: you can search for those on milw0rm or other security portals. 19%

    And in the end, your password strength and the rest: 1%


    Thanks,
     
    krbsn, Jan 21, 2009 IP
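    The checks the replies above point at (core and plugin versions to compare against the advisory list, folder permissions, and the injected spam links from the first post) can be scripted for a first triage pass. The script below is an added example, not code from this thread, from WordPress, or from milw0rm; it assumes a standard WordPress layout under the directory passed as `$1`, and `make_sample_tree` builds a constructed, fake install so the checks can be run offline.

```shell
#!/bin/sh
# Added example, not code from the thread: post-compromise triage for a
# WordPress install. Assumes the install root is passed as $1 and uses the
# standard wp-includes / wp-content layout. Nothing here is a WordPress API.

# Core version as stored in wp-includes/version.php ($wp_version = '2.7';).
wp_version() {
    sed -n "s/^\$wp_version *= *'\([^']*\)'.*/\1/p" "$1/wp-includes/version.php"
}

# One "<plugin-dir> <Version>" line per plugin main file, read from the
# plugin header block (the file that carries the "Plugin Name:" line).
plugin_versions() {
    for f in "$1"/wp-content/plugins/*/*.php; do
        [ -f "$f" ] || continue
        grep -q 'Plugin Name:' "$f" || continue
        v=$(sed -n 's/^[ *]*Version: *\(.*\)$/\1/p' "$f" | head -n 1)
        if [ -n "$v" ]; then
            printf '%s %s\n' "$(basename "$(dirname "$f")")" "$v"
        fi
    done
}

# Files and directories writable by everyone on the host (mode o+w).
find_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -002 -print | sort
}

# PHP files that decode-and-eval their own payload: the usual backdoor idiom.
# '|| true' keeps an empty result from reading as a failure under set -e.
find_obfuscated_php() {
    grep -rlE --include='*.php' \
        'eval *\( *(base64_decode|gzinflate|gzuncompress|str_rot13) *\(' "$1" || true
}

# Links wrapped in an invisible element: the hidden SEO-spam pattern the
# first post describes. Case-insensitive; one path per matching file.
find_hidden_links() {
    grep -rliE --include='*.php' --include='*.html' \
        '(display: *none|visibility: *hidden)[^>]*>[^<]*<a ' "$1" || true
}

# Run every check against one install and print a labelled report.
triage() {
    printf 'WordPress core: %s\n' "$(wp_version "$1")"
    printf '\n== plugin versions (compare against the advisory list) ==\n'
    plugin_versions "$1"
    printf '\n== world-writable paths ==\n'
    find_world_writable "$1"
    printf '\n== obfuscated PHP ==\n'
    find_obfuscated_php "$1"
    printf '\n== hidden links ==\n'
    find_hidden_links "$1"
}

# Constructed sample install used to exercise the checks offline; it is not a
# real site and its contents are made up. Prints the directory it created.
make_sample_tree() {
    dir=$(mktemp -d)
    mkdir -p "$dir/wp-includes" "$dir/wp-content/plugins/wp-forum" \
             "$dir/wp-content/themes/demo" "$dir/wp-content/uploads"
    cat > "$dir/wp-includes/version.php" <<'EOF'
<?php
$wp_version = '2.7';
EOF
    cat > "$dir/wp-content/plugins/wp-forum/wp-forum.php" <<'EOF'
<?php
/*
Plugin Name: WP-Forum
Version: 1.7.8
*/
EOF
    cat > "$dir/wp-content/uploads/cache.php" <<'EOF'
<?php eval(base64_decode('ZWNobyAxOw==')); ?>
EOF
    cat > "$dir/wp-content/themes/demo/footer.php" <<'EOF'
<div style="display:none"><a href="http://spam.example/">cheap pills</a></div>
EOF
    printf '<?php echo "clean"; ?>\n' > "$dir/index.php"
    chmod 777 "$dir/wp-content/uploads"
    chmod 666 "$dir/wp-content/themes/demo/footer.php"
    printf '%s\n' "$dir"
}

# usage: triage /var/www/html        (or, offline: triage "$(make_sample_tree)")
```

    Run it as the web server's user or as root so `find` can see every path. A clean result from these greps does not prove the site is clean (they only catch the common idioms), but any hit is a file to inspect by hand, and a world-writable `wp-content/uploads` plus a PHP file inside it is the combination that keeps reinfecting a blog after the visible spam has been removed.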
  5. justdoit1
    #5
    http://blogsecurity.net/wordpress/tools/wp-scanner/
     
    justdoit1, Jan 25, 2009 IP