I just got done helping a client that had their WordPress blog hacked into. Normally when a blog is hacked into, the actual theme files are modified. A fix is as simple as opening the files up, finding the offending injected code, and doing a global find and replace through the command line or through Dreamweaver.
This time though it was the database that was fubared. Every single post had content injected into it. All 903 of them.
I’ve actually never run into this before so I figured it was worth at least a post since the fix was so easy.
So what I did was go into the phpMyAdmin area, select the database table and go to the SQL tab.
Enter in something like this:
UPDATE `wp_posts` SET post_content = replace(post_content,'A COPY AND PASTE OF THE INJECTED TEXT','');
That will ‘find’ each instance of the injected text, and replace it with nothing at all. If I wanted to replace it with something about liking pie I would do this:
UPDATE `wp_posts` SET post_content = replace(post_content,'A COPY AND PASTE OF THE INJECTED TEXT','MAN O'' MAN DO I LIKE PIE');
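A more careful version of the same cleanup, as an added example that is not part of the original post: it copies the table first, counts exactly the rows the replace would change (so the number can be compared with the post count), updates only those rows, and then verifies that nothing is left. It assumes MySQL; 'INJECTED TEXT HERE' is a placeholder for the pasted injected text and wp_posts_pre_cleanup is a made-up name for the backup table.

```sql
-- Added example (MySQL syntax), not from the original post.
-- 'INJECTED TEXT HERE' is a placeholder for the pasted injected text. Inside the
-- literal, write every single quote as '' and every backslash as \\.
-- wp_posts_pre_cleanup is a hypothetical name for the backup copy.

-- 1. Keep a full copy of the table so the cleanup can be undone.
CREATE TABLE wp_posts_pre_cleanup LIKE wp_posts;
INSERT INTO wp_posts_pre_cleanup SELECT * FROM wp_posts;

-- 2. Count the rows REPLACE() would actually change, split by type and status.
--    Comparing lengths before and after uses the same matching rules as the
--    UPDATE in step 4, so the count cannot disagree with it. Revisions and
--    drafts live in wp_posts too, which is why the breakdown is useful.
SELECT post_type, post_status, COUNT(*) AS affected_rows
FROM wp_posts
WHERE CHAR_LENGTH(post_content)
      <> CHAR_LENGTH(REPLACE(post_content, 'INJECTED TEXT HERE', ''))
GROUP BY post_type, post_status;

-- 3. Look at a few affected rows before changing anything.
SELECT ID, post_title, post_modified,
       LOCATE('INJECTED TEXT HERE', post_content) AS first_match_position
FROM wp_posts
WHERE CHAR_LENGTH(post_content)
      <> CHAR_LENGTH(REPLACE(post_content, 'INJECTED TEXT HERE', ''))
ORDER BY ID
LIMIT 10;

-- 4. Remove the injected text, touching only the rows that contain it.
UPDATE wp_posts
SET post_content = REPLACE(post_content, 'INJECTED TEXT HERE', '')
WHERE CHAR_LENGTH(post_content)
      <> CHAR_LENGTH(REPLACE(post_content, 'INJECTED TEXT HERE', ''));

-- 5. Verify: this must return 0. Anything else means a variant of the
--    injected text (different spacing, encoding or URL) is still present.
SELECT COUNT(*) AS remaining_rows
FROM wp_posts
WHERE CHAR_LENGTH(post_content)
      <> CHAR_LENGTH(REPLACE(post_content, 'INJECTED TEXT HERE', ''));

-- 6. Once the site has been checked, the backup copy can be dropped:
-- DROP TABLE wp_posts_pre_cleanup;
```

If step 2 reports fewer rows than expected, the pasted text probably differs slightly from what is stored in some posts, and each variant needs its own pass.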
So anyway I get finished, shoot off a little bill and start thinking (dangerous). I think on all my auto blogs I’m going to start injecting my own strange characters (or in this case ads). Down the road when I want to add something I won’t have to write a bot or use a plugin to do it.
In fact I’m going to start every post off with a non spacing break or something so I can go back in and add in other stuff (links, ads, code, etc..) at the top of all my posts.
3 Responses to Hacked WordPress Blog? Find and Replace in Mysql
How about adding something like (donno if that’ll get filtered by wp comment process but it’s a html comment). Then you can write a quick wp filter plugin that’ll take the post content and do a replace on output. It’s really as easy as something like:
// Run filterthingie() on the post content each time it is output.
add_filter( 'the_content', 'filterthingie' );
function filterthingie( $input ) {
return str_replace( "temp", "new", $input );
}
Sparky,
Mainly because you don’t want to leave that stuff in your database.
There could be stuff that’s calling something remote just when you call it to replace it.
But the filters function built into WordPress is awesome for changing stuff like a date or name or link.
Groovy. It was occurring to me as I came home that you could just append whatever in the filter though.
function filterthing( $input ) { return $input . "hi admin"; }