#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2011
    Posts
    31
    Rep Power
    3

    Unhappy Eval code in wordpress??


    So i tried exploit scanner plug in today for the first time, and i was shocked as found so many eval started code, is this serious??

    Please help, how to remove this without effecting the theme and how to undone the damage(If any damage done)!

    explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));

    Used by malicious scripts to decode previously obscured data/programs explode(':', base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6)));

    Used by malicious scripts to decode previously obscured data/programs $imgData = base64_decode("R0lGODlhUAAMAIAAAP8AAP///yH5BAAHAP8ALAAAAABQAA

    Often used to execute malicious code * Javascript, and can be directly eval()'ed with no further parsing

    Often used to execute malicious code j = eval('(' + text + ')');

    Often used to execute malicious code <div class="phptextwidget"><?php eval('?>'.$text); ?></div>

    Often used to execute malicious code cuteOnLoad:function(s){this.onInit.add(function(){eval(s)})},storeSelection:function(){this.editor.w in
  2. #2
  3. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,317
    Rep Power
    7170
    It's impossible to say for sure without looking at more context for each line, but initially I would say that none of those look like exploits.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around

IMN logo majestic logo threadwatch logo seochat tools logo