Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #24161

    Hi!

    I think my web (http://droidecomunidad.com) has been hacked. My problem is the same that this: http://www.kriesi.at/support/topic/angular-theme-hacked. As in that case, I can’t acces to the wp-admin, the site does not render properly and I get this messsage: Warning: html_entity_decode() [function.html-entity-decode]: charset `UTF-7′ not supported, assuming iso-8859-1 in /home4/wmqvxmjc/public_html/wp-content/themes/propulsion/framework/php/function-set-avia-backend.php on line 536.

    Since I realized it, I’ve done several things, but none has solved it.

    - I replaced entirely the current public_html folder of the server by a previous version, but it didn’t fix it. (Then I replaced the previous version by the last one)

    – In the current version of the public_html folder, I replaced the folder wp-content>themes>propulsion by the latest version of the theme. It didn’t work.

    – In the current version of the public_html folder, I replaced the wordpress files and folders by the latest version. Neither it worked

    Finally, I annulled all the changes and now the content of the public_html folder is, again, the one that has been hacked.

    I do really need your help.

    Thanks a lot

    #122602

    The problem is the database and not the files. Use phpmyadmin (or any other db management tool) to access the database. Then open the wordpress database and navigate to wp_options > “blog_charset”. Edit the “blog_charset” field and insert “UTF-8″ (without “”) as value. Then save the field.

    #122603

    It works! Thank you very much.

    Just in case someone has the same problem: the hacker has also inserted a code in a text widget and, in the wp_options>blog name, has replaced the blog name by “Hacked by Gabby”.

    What can I do to prevent that in future?

    #122604

    Hi!

    Update the theme to the latest version (2.0). We had a XSS vulnerability in the framework (I think older versions up to 1.3).

    Regards,

    Peter

Viewing 4 posts - 1 through 4 (of 4 total)

The topic ‘Web hacked’ is closed to new replies.