I didn’t see anywhere in the forum or FAQ a list of what your plugin checks. Is it just files or does gotmls pull all the post data from the database to check for suspicious external styles?
I found most of the pharma hack files myself before finding your tool BUT at 4AM it’s very nice to have gotmls find some questionable ones. Sure enough, there was another classic eval decode_base64. PLus these jerks have been back twice in a month (2 different exploits to get in).
Still I’m a bit worried there may be some sneaky styles put directly into posts in the database. SeeÂ http://wiki.mediatemple.net/w/(gs):Fix_WordPress_redirect_exploitÂ for an older exploit using that trick.
I’ve got a collection of files from the last month of hacks if they’d be useful to you.
I would love to have a look at yourÂ collection of files from the last month of hacks.
If you want to give me WP Admin access to your site I could double check it for you.
P.S. Thanks for yourÂ donation!
Viewing 2 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic.
Comments are closed.
Get instant updates to new definitions files as new threats are discovered.
*All fields are required and I will NOT share your information with anyone.