1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

G Webmaster Tools Suspected hacking

Discussion in 'BlackHat Lounge' started by TrevorB, May 30, 2013.

  1. TrevorB

    TrevorB Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 21, 2011
    Messages:
    1,185
    Likes Received:
    361
    Location:
    Canada
    Received this message in my G Webmaster Tools account for one
    of my websites and not sure what it's about.

    This is a wordpress site. I have checked the HTML of all the pages and
    can't see anything out of the ordinary. Has anyone received such a
    message before?

    What do you recommend I do?
     
  2. WayneInc

    WayneInc Senior Member

    Joined:
    Sep 20, 2012
    Messages:
    1,178
    Likes Received:
    1,099
    This is totally weird question..we got the unnatural link mail but this is something diffrent
     
  3. SmartMan

    SmartMan BANNED BANNED

    Joined:
    Jul 25, 2012
    Messages:
    673
    Likes Received:
    1,244
    Yes of course it's different. That's why he posted it here.
     
    • Thanks Thanks x 1
  4. TrevorB

    TrevorB Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 21, 2011
    Messages:
    1,185
    Likes Received:
    361
    Location:
    Canada
    Yes I know it's weird. I checked everything looking for
    suspicious files also, and can't find anything.

    They never even gave me a form link to fill for a
    reconsideration or anything.

    Darn Google, why don't they ever give enough
    information about this. Especially if they think
    my site has been modified from a 3'rd party, you
    would think they would tell me what looks to be
    wrong so I can fix it.

    I'm at a total loss what to do next about this.
     
  5. daddymax

    daddymax Junior Member

    Joined:
    Dec 2, 2012
    Messages:
    188
    Likes Received:
    155
    Location:
    SCOTLAND
    sound more like a shell has been injected into your site, try running a scan using this tool https://scanmyserver.com/ then report back in this thread so we can help you
     
  6. subster

    subster Elite Member

    Joined:
    Apr 5, 2008
    Messages:
    1,864
    Likes Received:
    1,448
    Location:
    Krauthausen
    use sucuri, be safe. ( the server side scan )
     
  7. erickishere

    erickishere Elite Member

    Joined:
    Nov 27, 2012
    Messages:
    3,162
    Likes Received:
    1,162
    cut the shit with the irrelevant spam posts. I've seen you 1st on every thread posting crap
     
    • Thanks Thanks x 4
    Last edited: May 30, 2013
  8. TrevorB

    TrevorB Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 21, 2011
    Messages:
    1,185
    Likes Received:
    361
    Location:
    Canada
  9. islandman1010

    islandman1010 Elite Member

    Joined:
    May 10, 2008
    Messages:
    1,592
    Likes Received:
    139
    Try the plugins Wordfence and WP Better Security and see if they find anything
     
  10. daddymax

    daddymax Junior Member

    Joined:
    Dec 2, 2012
    Messages:
    188
    Likes Received:
    155
    Location:
    SCOTLAND
    the problem isn't within the wp as the op had already checked that.
     
  11. TrevorB

    TrevorB Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 21, 2011
    Messages:
    1,185
    Likes Received:
    361
    Location:
    Canada
    Tried Sucuri Site Check as subster suggested and the site came up clean. Still waiting on the results from the other scan that was suggested.
     
  12. oozyluce

    oozyluce Regular Member

    Joined:
    Jan 26, 2013
    Messages:
    277
    Likes Received:
    231
    Occupation:
    IT Coordinator, Senior Network Administrator
    Location:
    http://www.gaben.tv/
    Home Page:
    How big is your website? Does it contain hundreds of different pages or something more like in the dozens?

    Because if the number of pages isn't dramatically high, you could always do a manual check of each page's source code, searching for style="display:none" Is a good start
     
  13. subster

    subster Elite Member

    Joined:
    Apr 5, 2008
    Messages:
    1,864
    Likes Received:
    1,448
    Location:
    Krauthausen
    I am paid sucuri subscriber and have site free. But you'd have to pm me all details. I guess you just did the "surface check" as you have to paying subscriber to get the server side file check.
     
  14. Rokebono

    Rokebono Senior Member

    Joined:
    Jan 28, 2013
    Messages:
    1,120
    Likes Received:
    1,672
    Location:
    [​IMG]
     
  15. TrevorB

    TrevorB Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 21, 2011
    Messages:
    1,185
    Likes Received:
    361
    Location:
    Canada
    Just looked at the scan from scanmyserver and it showed
    6 low vulnerabilities that were basically about checking
    my sitemap to make sure that secure pages that aren't
    supposed to be indexed are not listed, suggestion about
    using secure FTP, etc.

    I sent a reconsideration request to Google yesterday
    requesting more information about why they said my
    site was hacked or where these hidden links are.

    I think maybe I was sent this by mistake or something.
    Will have to wait and see what reply I get back from Google.