Shortcode Magic Wordpress Hack -- check version!

Discussion in 'BlackHat Lounge' started by tnhomestead, Mar 4, 2014.

  1. tnhomestead

    tnhomestead Regular Member

    Hey, just had a site of mine compromised by using Shortcode Magic. It appears to use an older version of TimThumb, which allows a hacker to compromise your site. This Facebook page lists a bunch of themes and plugins that have this exploit in them.
    Code:
    https://www.facebook.com/hacker.anondz/posts/450119431748485
    Anyway, most of you know this -- and so did I -- but I didn't check and double check!
    Some more info here -- just follow the links!
    Code:
    https://www.facebook.com/hacker.anondz/posts/450119431748485
     
    • Thanks Thanks x 1
  2. tnhomestead

    tnhomestead Regular Member

    Quick check to see if your site is hacked -- since most of these script kiddies don't modify the script -- look for a file named x.txt in your home directory or a file called logx.txt. If you see either one, you have been hacked; get it cleaned.
     
    • Thanks Thanks x 1
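The two checks from the posts above (which TimThumb version a theme or plugin bundles, and whether x.txt or logx.txt is present) combined into one triage script. This is an added example, not part of the thread; the function names are illustrative, and it assumes each TimThumb copy declares its version in a `define ('VERSION', '...')` line.

```shell
#!/bin/sh
# Added example: triage a site directory for the indicators named in the
# thread and inventory every bundled TimThumb copy with its version string.
# Usage after sourcing this file:  scan_site /path/to/site/root

# Print "IOC <path>" for each x.txt / logx.txt found under directory $1.
find_indicators() {
    find "$1" -type f \( -name 'x.txt' -o -name 'logx.txt' \) 2>/dev/null |
        sort | sed 's/^/IOC /'
}

# Print "TIMTHUMB <version> <path>" for each PHP file under $1 that mentions
# TimThumb AND carries a VERSION define. Matching on content rather than on
# the file name catches renamed copies (thumb.php and similar). Files that
# only link to the script have no VERSION line and are skipped; so would be
# a copy whose VERSION line was stripped (limitation of this assumption).
find_timthumb() {
    find "$1" -type f -name '*.php' -exec grep -li 'timthumb' {} + 2>/dev/null |
        sort | while IFS= read -r tt_file; do
            tt_ver=$(sed -n "s/.*define[[:space:]]*([[:space:]]*['\"]VERSION['\"][[:space:]]*,[[:space:]]*['\"]\([0-9.]*\)['\"].*/\1/p" "$tt_file" | head -n 1)
            [ -n "$tt_ver" ] || continue
            printf 'TIMTHUMB %s %s\n' "$tt_ver" "$tt_file"
        done
}

# Run both checks on $1 (default: current directory).
# Exit status 0 = no indicator files found, 1 = at least one found.
scan_site() {
    scan_root=${1:-.}
    find_timthumb "$scan_root"
    scan_iocs=$(find_indicators "$scan_root")
    [ -z "$scan_iocs" ] && return 0
    printf '%s\n' "$scan_iocs"
    return 1
}
```

Compare each reported version against the current TimThumb release; a clean indicator result only means these two default file names are absent, as the post notes for unmodified scripts.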
  3. sashablack

    sashablack Elite Member

    thanks for the heads up :)