GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Webmaster Q & Fuckin' A (https://gfy.com/forumdisplay.php?f=27)
-   -   What kind of malicious code should I be on the lookout for in WP themes? (https://gfy.com/showthread.php?t=987491)

DHDChris 09-15-2010 03:33 PM
What kind of malicious code should I be on the lookout for in WP themes?
 
I'm looking through a few WordPress themes for any malicious code. I'm on the lookout for encoded / encrypted code, and any obvious things (like changing emails, accessing unnecessary db records, sql injections). However, I'm not sure what subtle function calls to look for. I'm thoroughly familiar with programming and php, but not so much with the WordPress functions.

Any ideas?

Thanks,
Chris

Vertigo 09-16-2010 12:15 AM
Few days back, my non-adult WP site was infected with a malicious code. I only realized it when I opened my site and it was redirecting to some site in Russia. In my next attempt, I somehow managed to check the source code of my site before it could redirect and immediately informed my host. Host found the malicious code and immediately removed it. There was a huge dump of malicious code in the footer of the page.

Luckily, no sensitive information was transmitted as I use OpenDNS. When I checked the OpenDNS logs, I could literally see the entry as blocked. If I hadn't been using OpenDNS, any sensitive data could easily have been transmitted.

So far, I have found no traces as to which plugin or theme this infection came from. So its a bit difficult to answer your question. But may be you can get more information on this in the WP forums.

MrRob 09-16-2010 01:08 AM
There are a couple of security plugins that may remove that shit. Try "Secure WordPress" and "WP Security Scan".
Get them @ wordpress.org

You should NEVER install free themes found on forums or on other free download sites. I suggest you buy a theme from a site like Themeforest.net and get one of the more popular themes that is updated regularly.

One other thing that is helpful and that is to rename Admin to something completely different.

Vertigo 09-16-2010 01:54 AM
Forgot to attach the screenshot.

http://sexians.com/Malware_Botnet_Activity.jpg

Apart form MrRob's suggestions and for added safety/security, you can also try to use the OpenDNS which blocks transmitting of any sensitive data just in case your site or any site visited is infected.

DHDChris 09-16-2010 05:22 PM
Thank you for the responses, guys. I will check out the WP plugins and OpenDNS.

fatfoo 09-17-2010 03:07 PM
I suppose you shouldn't check for problems yourself. Get the program that checks for problems.

Bec 09-18-2010 07:49 AM
You should also look over this Theme Authenticity Checker plugin

2intense 09-19-2010 01:22 PM
Quote:
Originally Posted by adultweb4u (Post 17507744)
Few days back, my non-adult WP site was infected with a malicious code. I only realized it when I opened my site and it was redirecting to some site in Russia. In my next attempt, I somehow managed to check the source code of my site before it could redirect and immediately informed my host. Host found the malicious code and immediately removed it. There was a huge dump of malicious code in the footer of the page.

Luckily, no sensitive information was transmitted as I use OpenDNS. When I checked the OpenDNS logs, I could literally see the entry as blocked. If I hadn't been using OpenDNS, any sensitive data could easily have been transmitted.

So far, I have found no traces as to which plugin or theme this infection came from. So its a bit difficult to answer your question. But may be you can get more information on this in the WP forums.
:thumbsup:thumbsup

pornguy 09-20-2010 08:09 AM
Believe it or not, it is usually best to buy a theme..

Vertigo 10-01-2010 02:20 AM
Quote:
Originally Posted by Bec (Post 17515053)
You should also look over this Theme Authenticity Checker plugin
Thanks, I will get this plugin in the sites ASAP.


All times are GMT -7. The time now is 08:35 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc