Woozone
Wordfence
Kindly help scan the recent one
Woozone
-
You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.
Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"
My Site's been hacked!
- Thread starter YUCATAN.DANCE
- Start date
Wordfence
Kindly help scan the recent one
Woozone
Neither of the plugins have any virus or even the infected dot file you posted in the screenshots !!!
Please download both files and check if the files are there and you will see they are not !
What do you suggest i do?
This is serious.
i just tried to install the website backup on a sub-domain, scanned and clicked on delete all infected file since it could not repair and wolla, the website is totally broken.
i have to rebuild now or what do you advice i do. how come the virus is affecting the website?
kindly help me check the theme and main plugin with your antivirus so as to know my fate
Theme
have you checked for the files after unzipping the downloaded plugins to your PC ? it will not be there
if you want to test you cannot just install on a subdomain because the virus already have access !!!
what theme are you using ?! and if you can PM your website URL
no malware detected in both the theme or woozone
P.S: check your code manually for includes of the detected files you mentioned in the screenshots . it was a dot files so maybe it's used as a file include in your main code.
Last edited:
READ THIS!:
don't blame anyone or Babiato what happen to you if you aware that you are using nulled resources! TAKE YOUR OWN RISK!
don't blame anyone or Babiato what happen to you if you aware that you are using nulled resources! TAKE YOUR OWN RISK!
Dear All,
Delete all infected file manually then, change your php file system, ex. if php 7.4 then change it to 8.0 or 8.1 or 7.2 anything,
Delete all infected file manually then, change your php file system, ex. if php 7.4 then change it to 8.0 or 8.1 or 7.2 anything,
That makes a lot of sense. Using one or two nulled plugin from a trusted source is fine, that way in case of an hack/malware incident the cause of it can be easily identified.
This is exactly why people need to stop blaming nulled resources whenever a website gets hacked/exploited. One of my websites was using a nulled theme and was later attacked by some azzhole using a (RFI) remote file inclusion attack. He dropped a shell onto my server using the theme's
code. He then tried adding more malicious files but my hosting provider blocked all attempts and the "hacker" gave up to bother someone else.After, I go to the theme's Envato Themeforest page and look at the log to realize that the theme was last updated the day prior. Apparently the theme creator had to update the theme files because his buyer's we're complaining to him about their sites getting hacked because his code was easily exploitable.
Nothing to do with nulled themes versus purchased themes. Just simply a garbage coded theme. Glad I didn't actually pay for it
And for the most part I trust Babiato uploaders who are nice enough to share files, but sometimes I also like to purchase themes when I have enough money and want to support the theme creator. However if your client is paying you to setup a website for them, don't use a nulled theme. Give them what they pay for. My opinion 
I mostly use nulled plugins/themes from day one & the websites are running fine without any problems.
Hostgator hosting sucks. it's full of viruses. a few years back I migrated my new client website from Hostgator to my hosting & it was fully infected with malware. our malware found hundreds of malware-infected files in his backup file.
Hostgator hosting sucks. it's full of viruses. a few years back I migrated my new client website from Hostgator to my hosting & it was fully infected with malware. our malware found hundreds of malware-infected files in his backup file.
"..However if your client is paying you to setup a website for them, don't use a nulled theme. Give them what they pay for..." This is very well said and i think the most pros in here stick to it.This is exactly why people need to stop blaming nulled resources whenever a website gets hacked/exploited. One of my websites was using a nulled theme and was later attacked by some azzhole using a (RFI) remote file inclusion attack. He dropped a shell onto my server using the theme's
After, I go to the theme's Envato Themeforest page and look at the log to realize that the theme was last updated the day prior. Apparently the theme creator had to update the theme files because his buyer's we're complaining to him about their sites getting hacked because his code was easily exploitable.
Nothing to do with nulled themes versus purchased themes. Just simply a garbage coded theme. Glad I didn't actually pay for it
We all can also agree to your point that purchased themes and plugins can have vulnerabilities that mostly lead to a site-takeover and avada had some of these already, that is part of software development in many cases. It can be avoided but never denied
:"..Nothing to do with nulled themes versus purchased themes."..I can only disagree to that, simply because nulled themes/plugins that come from untrusted (even sometimes trusted) sources have a much higher risk of being intentionally infected. And as such they are never tested by security providers like wordfence and others...because they are not official. So they keep spreading and infecting...
I mean it's so easily done, everyone can doit and post it even here..Take a theme/plugin, unzip it, copy-paste a reverse shell into a php file, zip it all together and paste it in any of the forums.."Hey, here is latest of avada theme, nulled and virustotal check..enjoy!"
..Not all but many will fall for it!regards!
Maybe what the best thing to do is have a section where people can upload their plugins and when others have time they might be able to check the plugin code (experienced people).
There must be a warning in the post that tells people not to use the plugins attached because of hacking attempts / takeovers.
People need to understand that using nulled plugins may have problems with vulnerable code and it's up to the site builder to fix.
This sort of thing is super common.
There must be a warning in the post that tells people not to use the plugins attached because of hacking attempts / takeovers.
People need to understand that using nulled plugins may have problems with vulnerable code and it's up to the site builder to fix.
This sort of thing is super common.
if someone upload clean or untouched plugin from original developer, we can compare with nulled version here, what suspicious with there code
Similar threads
