Web site hacked

Posted on January 24, 2008
Filed Under blogging

My blog was hacked this morning. I came in to work, looked at my web site and all that was displayed was a message from the hacker:

Hacked by VexD
Legalize Weed!

I looked at my stats and discovered someone googled “wordpress forum plugin by fredrik fahlstad. version: 1.7.4” and the person spent 22 minutes on my web site. Now we know why. I have the WordPress forum widget activated and after spending some time googling, I found out that the forum script has a vulnerability which allows a remote SQL injection exploit. The hacker changed my admin password and wiped out my index.php. Thankfully the database was still intact. I replaced the index.php from another WordPress installation and changed my admin password before I could log in.

Here is a link showing how the hacker executed the remote SQL injection.

http://www.secumania.org/exploit/Wordpress-plugin-WP-Forum-1.7.4-Remote-SQL-Injection-Vulnerability.txt

I have deactivated the WordPress forum until I am sure that there is a fix for the vulnerability. Anyone else who has experienced a similar type of hack, please let me know by leaving a comment.
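
A defender's check for the search-engine reconnaissance described in the post, as an added example that is not part of the original post: it scans web server access logs for visitors who arrived from a search for the plugin's version banner and lists what they requested from then on. It assumes Apache combined log format; the log lines, IP addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined Log Format: ip - - [time] "request" status size "referrer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'\d{3} \S+ "(?P<referrer>[^"]*)" "[^"]*"$'
)

# Words from the footer banner quoted in the post; a search containing all of
# them is looking for sites that run this exact plugin version.
BANNER_TERMS = ("wordpress", "forum", "plugin", "fahlstad", "1.7.4")

# Constructed sample log lines (documentation IP ranges), not from the incident.
SAMPLE_LOG = [
    '192.0.2.10 - - [24/Jan/2008:03:10:00 +0000] "GET / HTTP/1.1" 200 5120 '
    '"http://www.google.com/search?q=wordpress+forum+plugin+by+fredrik+fahlstad.+version%3A+1.7.4" "Mozilla/5.0"',
    '192.0.2.10 - - [24/Jan/2008:03:12:41 +0000] "GET /?page_id=2 HTTP/1.1" 200 7312 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [24/Jan/2008:03:15:02 +0000] "GET / HTTP/1.1" 200 5120 '
    '"http://www.google.com/search?q=wordpress+blogging+tips" "Mozilla/5.0"',
]

def search_query(referrer):
    """Return the lower-cased search phrase carried in a referrer URL, or ''."""
    params = parse_qs(urlsplit(referrer).query)  # decodes '+' and %xx escapes
    for key in ("q", "p", "query"):  # common search-engine parameter names
        if key in params:
            return params[key][0].lower()
    return ""

def banner_search_hits(lines, terms=BANNER_TERMS):
    """Return ({ip: search phrase}, {ip: requests from the banner search onward})."""
    flagged, hits = {}, {}
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not in combined format
        ip, query = m["ip"], search_query(m["referrer"])
        if query and all(t in query for t in terms):
            flagged[ip] = query
        if ip in flagged:
            hits.setdefault(ip, []).append((m["time"], m["request"]))
    return flagged, hits

if __name__ == "__main__":
    flagged, hits = banner_search_hits(SAMPLE_LOG)
    for ip, requests in hits.items():
        print(ip, repr(flagged[ip]), requests)
```
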

    Comments

    5 Responses to “Web site hacked”

    1. Thomas on January 24th, 2008 9:57 pm

      Omg! I got hacked by the same person today!
      And I also have the forum plugin.

    2. ash on January 25th, 2008 3:19 pm

      Extracted from Fahlstad’s website forum:

      This vulnerability when exploited successfully allows the individual to retrieve usernames, password hashes, and email addresses for all users, including administrators. However, the user has to have knowledge of the proper database table prefix. This vulnerability has been confirmed in version 1.7.4 which is currently the most recent version available for download.

      http://www.fahlstad.se/?page_id=243&forumaction=showprofile&user=925

    3. Michael Aulia on January 29th, 2008 2:21 am

      That’s pretty scary :|

    4. Wordpress Blog Hacking Prevention on January 29th, 2008 11:40 am

      [...] there are some methods of prevention shared by fellow blogger; AshChuan. Her blog was recently hacked into on January 24 and luckily no data was [...]

    5. tony on January 31st, 2008 4:23 pm

      My WordPress site was hacked and I also noticed searches for that forum plugin. I have since disabled it.
