Comments on: Hacked ! http://www.phocean.net/2008/06/03/hacked.html?utm_source=rss&utm_medium=rss&utm_campaign=hacked "A defense that hedgehogs possess is the ability to roll into a tight ball, causing all of the spines to point outwards." -- Wikipedia Wed, 09 Nov 2011 11:04:26 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Owen http://www.phocean.net/2008/06/03/hacked.html/comment-page-1#comment-1252 Owen Mon, 14 Jul 2008 02:48:10 +0000 http://www.phocean.net/?p=109#comment-1252 Well, thats fortunate that you haven't had any more problems. I know there have been OpenID authentication plug-in exploits for Drupal but am not aware of any for Wordpress, very possible though. Well, thats fortunate that you haven’t had any more problems. I know there have been OpenID authentication plug-in exploits for Drupal but am not aware of any for WordPress, very possible though.

]]> By: JC http://www.phocean.net/2008/06/03/hacked.html/comment-page-1#comment-581 JC Wed, 18 Jun 2008 21:31:36 +0000 http://www.phocean.net/?p=109#comment-581 My blog is on my own server. I can't say I have perfectly secured it well yet, but it is not that bad and I am sure of the permission. I really think there is an exploit, and as you say most probably on a plug-in. Especially, I suspect the OpenID authentication plug-in, because it is quite new, not tested and susceptible to grant access to everything. So far, running without any other plugin than Akismet, I haven't been attacked anymore... Time will tell... My blog is on my own server. I can’t say I have perfectly secured it well yet, but it is not that bad and I am sure of the permission.

I really think there is an exploit, and as you say most probably on a plug-in.
Especially, I suspect the OpenID authentication plug-in, because it is quite new, not tested and susceptible to grant access to everything.

So far, running without any other plugin than Akismet, I haven’t been attacked anymore…
Time will tell…

]]> By: Owen http://www.phocean.net/2008/06/03/hacked.html/comment-page-1#comment-577 Owen Wed, 18 Jun 2008 18:28:17 +0000 http://www.phocean.net/?p=109#comment-577 There are many ways that it could have got put there. One possibility is the directory is not chmod'ed correctly and the file was uploaded from a form. Otherwise it could be a new Wordpress exploit that has not been released yet. If you are on a shared server, who knows. It could have been any one on the server with 1/2 a brain. I think that it was a plugin that had a bug. I'm going to check for that file on my blogs now. There are many ways that it could have got put there. One possibility is the directory is not chmod’ed correctly and the file was uploaded from a form. Otherwise it could be a new WordPress exploit that has not been released yet. If you are on a shared server, who knows. It could have been any one on the server with 1/2 a brain. I think that it was a plugin that had a bug.

I’m going to check for that file on my blogs now.

]]> By: JC http://www.phocean.net/2008/06/03/hacked.html/comment-page-1#comment-496 JC Fri, 13 Jun 2008 06:36:51 +0000 http://www.phocean.net/?p=109#comment-496 Thanks :) So it seems that the code responsible for infecting all the files was injected through a wp-stats.php... Now, as I have started from scratch with a fresh archive of Wordpress, I don't have such a file anymore. How the hell could this file have been injected ? Thanks :)

So it seems that the code responsible for infecting all the files was injected through a wp-stats.php…

Now, as I have started from scratch with a fresh archive of WordPress, I don’t have such a file anymore.

How the hell could this file have been injected ?

]]> By: C.S.Lee http://www.phocean.net/2008/06/03/hacked.html/comment-page-1#comment-493 C.S.Lee Wed, 11 Jun 2008 03:08:24 +0000 http://www.phocean.net/?p=109#comment-493 hi, Nice blog here, anyway that lead to And if you check out wp-stats.php, another obfuscated content. Cheers ;] hi,

Nice blog here, anyway that lead to

And if you check out wp-stats.php, another obfuscated content.

Cheers ;]

]]>