GoFuckYourself.com - Adult Webmaster Forum - Can someone take a look at this code?

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)

- Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)

- - Can someone take a look at this code? (https://gfy.com/showthread.php?t=1118656)

Pineapplez

08-18-2013 05:27 AM

Can someone take a look at this code?

I let wordfence run a scan on one of my wp blogs.
My theme header.php is modified. I use twenty twelve btw.

http://i.imgur.com/7lPfEGJ.jpg

And also, this code was added a bit further down.

http://i.imgur.com/OnYZSsj.jpg

Manfap

08-18-2013 05:28 AM

its malware. serverside hack.

signupdamnit

08-18-2013 05:33 AM

Yep. Second part looks like it's probably a hack.

seeandsee

08-18-2013 06:23 AM

looks shady

woj	08-18-2013 06:36 AM

yea, that 2nd part is an exploit, usually when that happens it's all over the place in 100s of different files...

if you need a hand cleaning it all up, icq: 33375924 or email me at woj#a#t#wojfun#.#c#om to discuss details

bloggerz

08-18-2013 06:40 AM

Yup, looks like an exploit

Creatine

08-18-2013 07:34 AM

This code is encrypted:

http://i.imgur.com/OnYZSsj.jpg

http://imgboo.me/upload/small/2013/0...0dc9dd898d.png

It's hard to say what it does, I would just remove it and see what happens. If the website is still fuly functional than it's fine.

All times are GMT -7. The time now is 02:15 AM.