Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

 

Register GFY Rules Calendar
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
New Webmasters ask "How-To" questions here. This is where other fucking Webmasters help.

 
Thread Tools
Old 09-15-2010, 03:33 PM   #1
DHDChris
Registered User
 
DHDChris's Avatar
 
Industry Role:
Join Date: Nov 2009
Location: Las Vegas
Posts: 18
What kind of malicious code should I be on the lookout for in WP themes?

I'm looking through a few WordPress themes for any malicious code. I'm on the lookout for encoded / encrypted code, and any obvious things (like changing emails, accessing unnecessary db records, sql injections). However, I'm not sure what subtle function calls to look for. I'm thoroughly familiar with programming and php, but not so much with the WordPress functions.

Any ideas?

Thanks,
Chris
__________________
65% Revenue share with NO Pre-checked Cross-Sales - DirtyHardCash
FHGs | Morphing RSS Feed | ICQ 586-006-959
DHDChris is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 09-16-2010, 12:15 AM   #2
Vertigo
Confirmed User
 
Industry Role:
Join Date: Aug 2008
Posts: 131
Few days back, my non-adult WP site was infected with a malicious code. I only realized it when I opened my site and it was redirecting to some site in Russia. In my next attempt, I somehow managed to check the source code of my site before it could redirect and immediately informed my host. Host found the malicious code and immediately removed it. There was a huge dump of malicious code in the footer of the page.

Luckily, no sensitive information was transmitted as I use OpenDNS. When I checked the OpenDNS logs, I could literally see the entry as blocked. If I hadn't been using OpenDNS, any sensitive data could easily have been transmitted.

So far, I have found no traces as to which plugin or theme this infection came from. So its a bit difficult to answer your question. But may be you can get more information on this in the WP forums.
Vertigo is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 09-16-2010, 01:08 AM   #3
MrRob
Confirmed User
 
Industry Role:
Join Date: Sep 2010
Posts: 92
There are a couple of security plugins that may remove that shit. Try "Secure WordPress" and "WP Security Scan".
Get them @ wordpress.org

You should NEVER install free themes found on forums or on other free download sites. I suggest you buy a theme from a site like Themeforest.net and get one of the more popular themes that is updated regularly.

One other thing that is helpful and that is to rename Admin to something completely different.
MrRob is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 09-16-2010, 01:54 AM   #4
Vertigo
Confirmed User
 
Industry Role:
Join Date: Aug 2008
Posts: 131
Forgot to attach the screenshot.



Apart form MrRob's suggestions and for added safety/security, you can also try to use the OpenDNS which blocks transmitting of any sensitive data just in case your site or any site visited is infected.
Vertigo is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 09-16-2010, 05:22 PM   #5
DHDChris
Registered User
 
DHDChris's Avatar
 
Industry Role:
Join Date: Nov 2009
Location: Las Vegas
Posts: 18
Thank you for the responses, guys. I will check out the WP plugins and OpenDNS.
__________________
65% Revenue share with NO Pre-checked Cross-Sales - DirtyHardCash
FHGs | Morphing RSS Feed | ICQ 586-006-959
DHDChris is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 09-17-2010, 03:07 PM   #6
fatfoo
ICQ:649699063
 
Industry Role:
Join Date: Mar 2003
Posts: 27,763
I suppose you shouldn't check for problems yourself. Get the program that checks for problems.
__________________
Send me an email: [email protected]
fatfoo is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 09-18-2010, 07:49 AM   #7
Bec
Confirmed User
 
Bec's Avatar
 
Join Date: Jul 2004
Location: Ohio
Posts: 293
You should also look over this Theme Authenticity Checker plugin
Bec is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 09-19-2010, 01:22 PM   #8
2intense
Too lazy to set a custom title
 
Industry Role:
Join Date: Dec 2009
Location: Google
Posts: 12,403
Quote:
Originally Posted by adultweb4u View Post
Few days back, my non-adult WP site was infected with a malicious code. I only realized it when I opened my site and it was redirecting to some site in Russia. In my next attempt, I somehow managed to check the source code of my site before it could redirect and immediately informed my host. Host found the malicious code and immediately removed it. There was a huge dump of malicious code in the footer of the page.

Luckily, no sensitive information was transmitted as I use OpenDNS. When I checked the OpenDNS logs, I could literally see the entry as blocked. If I hadn't been using OpenDNS, any sensitive data could easily have been transmitted.

So far, I have found no traces as to which plugin or theme this infection came from. So its a bit difficult to answer your question. But may be you can get more information on this in the WP forums.
2intense is online now   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 09-20-2010, 08:09 AM   #9
pornguy
Too lazy to set a custom title
 
pornguy's Avatar
 
Industry Role:
Join Date: Mar 2003
Location: Homeless
Posts: 62,911
Believe it or not, it is usually best to buy a theme..
__________________
PornGuy skype me pornguy_epic

AmateurDough The Hottes Shemales online!
TChicks.com | Angeles Cid | Mariana Cordoba | MAILERS WELCOME!
pornguy is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 10-01-2010, 02:20 AM   #10
Vertigo
Confirmed User
 
Industry Role:
Join Date: Aug 2008
Posts: 131
Quote:
Originally Posted by Bec View Post
You should also look over this Theme Authenticity Checker plugin
Thanks, I will get this plugin in the sites ASAP.
Vertigo is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
 
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >

Bookmarks

Tags
code, php, wordpress



Advertising inquiries - marketing at gfy dot com

Contact Admin - Advertise - GFY Rules - Top

©2000-, AI Media Network Inc



Powered by vBulletin
Copyright © 2000- Jelsoft Enterprises Limited.