WordPress.org

Profiles

Profile picture of
  • Member Since: August 17th, 2008
  • Find me on:

  • Created a topic, Disabling Comment Author URL, on the site WordPress Support Forums

    4 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @whooami Liken it to voting, if you will, for simplicity -- "if you dont vote…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @KnowingArt_com There's a good chance I may never upgrade. If I really want a new…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    I just read Core Security Technologies' bulletin. It's a different issue, but it appears that…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    Yeah, I'm going to bed now.

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    Sorry, I just realized that the exported XML does not contain users table. It just…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @whooami It's easy for webmasters and developers to say nobody should be using the old…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @whooami Yeah, somewhere between 2.8 and 2.8.2, they must have added the line below: if…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @whooami I tested it on 2.8 and I just double-checked. I'm able to export.

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    The double slash hack does not even require any coding. Anyone can do this. All…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    OK. This might cause a panic, but /wp-admin//export.php is fully functional. This means that a…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    If for whatever reason, you cannot upgrade (because of the plugins or because you modified…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @rwboye I cannot hack into your blog because you don't allow people to register. I…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    Wait, this is a serious flaw. I just realized that by using the double-slash scheme…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    The double-slash scheme to get to the Permalink Options page does NOT work for 2.8.4…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @kirkpete I've deleted "admin" user from all my sites. As long as there is one…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    I also have Miriam and Adrianq. @kirkpete The hacker used one of the subscribers to…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    This answers one of the questions that I posted before: Why did the hacker need…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    OK. I just confirmed it. Testing on WP 2.8, if you login as a subscriber…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    Another sign that this user might be related to the hack is the neat Camel-casing…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    On 9/1/09, this user registered to be a subscriber: MikeWink bugbeemershonyhe@gmail.com I Googled that email…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    That's bad news. That means deleting xmlrpc.php and options-permalink.php wouldn't prevent this hacker from re-hacking.…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    Here is the whole block. 70.28.80.136 - - [04/Sep/2009:01:59:24 -0700] "GET /wp-login.php HTTP/1.1" 200 2539…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    Nevermind. I just used Mac's Console had no problem reading it. Here is the offending…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    I have access to my logs but it's huge, like 800MB. How does one go…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    I would not delete .htaccess

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    @robk30 I deleted wp-pass.php that was in my "uploads" folder.

    6 years ago

  • Posted a reply to "How to remove hidden admin", on the site WordPress Support Forums:
    Yes. That's only one of the symptoms: http://wordpress.org/support/topic/307518?replies=81

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @rwboyer Thank you for reminding me to change the database password!

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @netnothing My theory is that as long as your code is all clean, removing xmlrpc.php…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @figaro OK, we better change our passwords quick, before the hacker decrypt them. I guess…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @netslacker I believe that xmlrpc.php was the first entry point for the hacker. Once he…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    What is curious about this hack is that it's pretty obvious this was only Phase…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    OK. So, it does look like xmlrpc.php is the entry point as I suspected. So,…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @rwboyer I wonder what that POST request actually posted. I guess that long string is…

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    @pielface I think you are the first person reporting the hack using 2.8.x Everyone else…

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    @robk30 xmlrpc.php (in root folder) is part of the normal install of WP, but I…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @robk30 I deleted both. As far as I know, there should not be any PHP…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @marc_dutch123 I deleted xmlrpc.php from all my WP sites. I don't care about Ping Back…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    @netslacker When one of my WP sites got hacked earlier this year, I did similar…

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    As Otto42 said in the sticky post, once the security fix is released, the hackers…

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    @Otto42 As others have noticed, a function was inserted into various files (index.php and wp-config.php)…

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    Another thing I noticed: in wp-content/uploads, I found two suspicious files: topper.php wp-pass.php I found…

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    Another difference between affected and unaffected sites: The unaffected site had no user named "admin".…

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    I have 2 equally popular blogs but only one was affected. The only difference was…

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    I noticed that this hidden admin did not have email address. Email address is required…

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    It seems that some sort of bot ran last night to infect a whole bunch…

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    @wysiwyg2009 No, I'm not using that, and was affected still.

    6 years ago

  • Posted a reply to "WP adding code to the end of url links breaking them", on the site WordPress Support Forums:
    How could this have happened to so many blogs almost simultaneously? I just upgraded to…

    6 years ago

  • Posted a reply to "Question About Possible Hack of Site", on the site WordPress Support Forums:
    I just noticed the same problem on one of my blogs (PainInTheEnglish.com). So, this appears…

    6 years ago