Results 1 to 6 of 6

Thread: Tim thumb hacking in Classipress V. 3.1.4?

  1. #1
    Thread Starter
    Amateur erotic1's Avatar
    Join Date
    Aug 2011
    Location
    United States
    Posts
    11
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Tim thumb hacking in Classipress V. 3.1.4?

    We are running WordPress 3.5.2 with Classipress version 3. 1.4. Several months ago we got notice from our host that our server had some kind of bot running that was sending spam. We quickly tracked it down to a wordpress install running Classipress 3.1.4. I saw that "flickr.com" folder had been installed on server some how and I deleted it. I changed all the passwords, etc, etc but it still comes back. The malware scanner also indicated that it was a possible tim thumb exploit so we updated those files as well. No matter what, once every month it restarts again. I have no idea how they are getting in. It's not by FTP so it must be some kind of exploit in the theme. We made many customizations to the 3. 1.4 theme files so upgrading the theme is not an option at this point.

    Has anyone else had this problem and know what hole to close?

    Thank you.

  2. #2
    talent's Avatar
    Join Date
    Jul 2011
    Location
    London UK
    Posts
    3,497
    Thanks
    75
    Thanked 553 Times in 502 Posts
    You must be an AppThemes customer and logged in to view this response. Join today!
    $function ('CUSTOMIZATION'); } else { .DESIGN { display: awesome; }
    If you require any additional functionality or design customization, just ask. Afterall... anything is possible! However, I may not know how to implement your particular request, but if you don't ask, you don't get

    If you build it, they will come...


  3. #3
    ridabenharrou's Avatar
    Join Date
    Jun 2011
    Location
    Morocco
    Posts
    169
    Thanks
    2
    Thanked 45 Times in 32 Posts
    You must be an AppThemes customer and logged in to view this response. Join today!

  4. #4
    Thread Starter
    Amateur erotic1's Avatar
    Join Date
    Aug 2011
    Location
    United States
    Posts
    11
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You must be an AppThemes customer and logged in to view this response. Join today!

  5. #5
    samcy's Avatar
    Join Date
    Mar 2012
    Location
    Germany
    Posts
    12,098
    Thanks
    121
    Thanked 1,756 Times in 1,442 Posts
    You must be an AppThemes customer and logged in to view this response. Join today!
    Rolf Hassel (Samcy)

  6. #6
    Thread Starter
    Amateur erotic1's Avatar
    Join Date
    Aug 2011
    Location
    United States
    Posts
    11
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You must be an AppThemes customer and logged in to view this response. Join today!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Samcy Hacking ads bypass in ClassiPress 3.x.x - Hole Security
    By patrickjose in forum ClassiPress General Discussion
    Replies: 22
    Last Post: April 4th, 2014, 07:01 PM
  2. Dimitris In case of hacking...
    By droopy in forum Report ClassiPress Bugs
    Replies: 1
    Last Post: February 12th, 2013, 12:14 PM
  3. Wordpress Hacking
    By brianbemis in forum ClassiPress General Discussion
    Replies: 15
    Last Post: December 3rd, 2012, 02:24 PM
  4. Hacking Featured Ads?
    By stump in forum ClassiPress General Discussion
    Replies: 6
    Last Post: November 25th, 2012, 07:42 AM
  5. IS this someone hacking
    By mefindcoupon in forum Report Clipper Bugs
    Replies: 4
    Last Post: May 5th, 2012, 06:45 AM