How to know if a Wordpress theme/plugin contains some kind of malicious coding?

Discussion in 'General Programming Chat' started by Dennyy, Aug 6, 2013.

  1. Dennyy

    Hey guys,

    There are a few WordPress themes and plugins that I would love to use in the Member's download section (such as this http://www.blackhatworld.com/blackh...ricing-tables-ready-pro-wordpress-plugin.html) but what has prevented me from using any of them is that I don't want my website to get hacked because of malicious coding.

    Other than buying it directly from the developer (which I do when I really like the theme/plugin), is there a way to find out if uploaders have injected some kind of funky source coding? I 'do' do "ctrl+f" to find if there are websites in the coding, but I feel that this is not enough.

    Any response is appreciated!
     
  2. DeanFN

    You can use Virus Total to scan the file
     
  3. saber210

    For theme, I run TAC Plugin and Exploit Scanner.

    Exploit Scanner Plugin - It will scan the code of all of your themes and plugins inside your WordPress for malicious code.
     
  4. sn0rt

    Heh, Virus Total is not enough.
     
  5. Bupler

    I also use TAC and Exploit Scanner. After that, I use Scrapebox to scan my site for any outbound links that were not made by me.
     
  6. sn0rt

    Exploit Scanner will pick up a lot of false positives. The person has to know what they're looking at in order to decipher between the false positives and the actual threats.
     
  7. Dennyy

    Yup, Virus Total can only do so much as it is mainly for apps.

    Thanks a lot for the quick response guys, I will definitely check out both TAC and Exploit Scanner! (followed by Bupler's idea of scanning OBL)
     
  8. saber210

    Yeah, it will pick up a lot of false positives, but at least you have an idea what those codes are and you can easily find callbacks and suspicious code.
     
  9. sn0rt

    Not if the OP doesn't know what he's looking for.

    Heh, for those who don't speak code, it'll look like a bunch of gibberish.
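
A static first pass over an unpacked theme or plugin, along the lines discussed in this thread, as an added example that is not from any poster and not the code of TAC or Exploit Scanner. It separates an `eval` of decoded data from a bare decoder call (a common false positive) and lists link hosts outside an allowlist; the rule set, function names, allowlist and sample files are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Heuristic rules made up for this example (not any plugin's rule set), strongest first.
DECODERS = r"(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\("
RULES = [
    ("high", "eval-of-decoded-data", re.compile(r"\b(?:eval|assert)\s*\(\s*@?\s*" + DECODERS, re.I)),
    ("review", "decoder-call", re.compile(r"\b" + DECODERS, re.I)),
    ("review", "long-base64-literal", re.compile(r"['\"][A-Za-z0-9+/]{200,}={0,2}['\"]")),
]
URL_HOST = re.compile(r"https?://([A-Za-z0-9.-]+)", re.I)

def host_allowed(host, allowed):
    return any(host == a or host.endswith("." + a) for a in allowed)

def scan_tree(root, allowed_hosts=("wordpress.org",)):
    """Return (file, line, severity, rule, detail) tuples for every *.php under root, in file order."""
    root, findings = Path(root), []
    for path in sorted(root.rglob("*.php")):
        rel = path.relative_to(root).as_posix()
        lines = path.read_text(encoding="utf-8", errors="replace").splitlines()
        for no, line in enumerate(lines, 1):
            for sev, rule, rx in RULES:
                if rx.search(line):
                    findings.append((rel, no, sev, rule, line.strip()[:80]))
                    break  # report only the strongest rule per line to cut noise
            for host in map(str.lower, URL_HOST.findall(line)):
                if not host_allowed(host, allowed_hosts):
                    findings.append((rel, no, "review", "unlisted-host", host))
    return findings

def write_sample_theme(root):
    """Constructed sample theme (not a real one); the encoded payload is just: echo "hi";"""
    files = {
        "functions.php": "<?php\nadd_action('wp_footer', 'tt_footer');\n"
                         "function tt_footer() { eval(base64_decode('ZWNobyAiaGkiOw==')); }\n",
        "footer.php": '<a href="https://wordpress.org/">WordPress</a>\n'
                      '<a href="http://example.invalid/offers">.</a>\n',
        "inc/import.php": "<?php\n$settings = base64_decode($_POST['settings_export']);\n",
    }
    for name, body in files.items():
        (Path(root) / name).parent.mkdir(parents=True, exist_ok=True)
        (Path(root) / name).write_text(body, encoding="utf-8")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        write_sample_theme(tmp)
        print(*scan_tree(tmp), sep="\n")
```

A "review" finding still needs someone to read the surrounding code; the scan only narrows down where to look.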
     
  10. lemonhead443

    I know this is off topic but... What's up with one popup saying the FBI has locked my browser, and my browser is literally locked? Anyone know this or dealt with it before?
     
  11. Conor

  12. ardley216

    There was a great thread a couple years back on this. I'll see if I can dig it up.
     