telophase: (Default)
telophase ([personal profile] telophase) wrote2008-03-28 08:26 pm
  • Add Memory
  • Share This Entry
Entry tags:

O BEST BELOVED HOSTEES!

Those of you who have Wordpress blogs on magatsu.net neeeeeeeeeeeed to go check your database ASAP. Well, first make sure your site is up. :) Then get into your database, into the wp_posts table, and see if there are any empty posts with the title "ro8kfbsmag.txt". If so, you have been hacked. Plz to be deleting those posts, changing your admin login and password, and your MySQL password. (I may need to do that for you - let me know.) Also check the uploads folder within the wp_content directory and see if it's filled with strange stuff. Mine wasn't, but it seems that others have had uploads placed there.

Any questions, ask away.

P.S. Also? You need to upgrade to the latest version of WP if you're not there already. As in: I will upgrade you myself within a week or two if you don't do it, it's that important.
Flat | Top-Level Comments Only

[identity profile] mscongeniality.livejournal.com 2008-03-29 02:13 am (UTC)(link)
I was planning to finish up and post the DOUJINSHI OF HORROR this weekend. That should all be fine, yes?

[identity profile] telophase.livejournal.com 2008-03-29 02:26 am (UTC)(link)
Yep! This was restricted only to Wordpress installs, taking advantage of a security hole the most recent version fixes. :) So the rest of magatsu.net is fine.

[identity profile] mscongeniality.livejournal.com 2008-03-29 02:31 am (UTC)(link)
Keen, just making sure.

[identity profile] rachelmanija.livejournal.com 2008-03-29 03:22 am (UTC)(link)
WOOO-HOOOO! I had given up on ever terrorizing anyone with that, but now my evil plans are back on!

[identity profile] mscongeniality.livejournal.com 2008-03-29 04:02 am (UTC)(link)
Sorry...there's been a variety of things getting in the way so I wanted to finish it now while there's a brief lull. PLUS, I will then get to send it to its new home where it will be loved and appreciated as it should.

[identity profile] telophase.livejournal.com 2008-03-29 04:02 am (UTC)(link)
I'm sure that everyone will agree that it was completely worth the wait.
ext_1502: (Default)

[identity profile] sub-divided.livejournal.com 2008-04-03 01:48 am (UTC)(link)
Where is wp-posts?! I'm looking at the folder with all my wordpress stuff in it (files with names like wp-trackback.php and wp-settings.php, directories with names like wp_content and wp_admin) and I don't see any wp-posts.php.

The uploads folder in in the wp_content directory appears to have nothing but empty folders in it, but that's obviously not really case as my blog still has content. However, I think I'll change my password just to be safe, seeing as it's a password I use in a few other places.

If I am still using WP 2.2.1, do I need to update to 2.5? Or are you talking about needing the latest fix for 2.5, which introduces the hole that this program takes advantage of?




[identity profile] telophase.livejournal.com 2008-04-03 02:08 am (UTC)(link)
You need to upgrade *to* 2.5, as it's the earlier versions that have the hole that's fixed in 2.5 (er, technically fixed in 2.4.something - 2.5 came out this week, after I discovered I'd been hacked and made that post. :D)

wp_posts is a MySQL table, not a database script. If you go into your database at mysql.magatsu.net and look in the wp_posts table, you can see if there are any posts with that as a title. Most likely not: if your site is working, you probably haven't been hit yet. projectbluerose.com was hit on Thursday or Friday sometime, as it went down during that 24 hours.
Flat | Top-Level Comments Only