Thursday, December 2, 2010

CmTr WordPress hack exploit

I have the latest WordPress install, WordPress 3.0.2, and have the Secure WordPress plugin. But today I opened the site and found the word CmTr. The index.php file was wiped clean and the only word in the file was CmTr.

A Google search finds:
CmTr | Zone-H.org
Hacked By CmTr
bycmtr.wordpress.com
H - Homepage defacement
http://www.facebook.com/pages/Turk-dusmanlari-desifre-ediliyor/260218431669
http://www.exploit-db.com/
CmTr
Contact: xcem_boyx@hotmail.com

CLICK for my Zone-H link
http://www.cyber-warrior.org/draftbeer


RESOLVED
Found out this was due to an exploit on the hosting provider's cPanel.


Anyone know how to secure WordPress against this exploit? Please post your tips in the comments.
The WordPress site does not even find CmTr in its searches, and I do not know how to find or ask for help on WordPress.

Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 429232 bytes) in /public_html/wp-admin/includes/admin.php on line 34
The above error comes after activating BuddyPress.

3 comments:

  1. Hi there,

    What exactly was the vulnerability? There is almost no information online on where I can find out what the actual exploit is. I have 100s of sites to fix, so this information is vital in order for me to patch the server properly and prevent this from happening in future.

    Thanks,
    Charles
  2. Just upload a new copy of index.php from your WP installer and overwrite it.

    www.websources.info
  3. Oops, also make sure that index.php is set to read-only.