• Home

  • Technology

  • You've Been Hacked, Now What? Getting WordPress Up and Running Again
47
You’ve Been Hacked. Now What? Getting WordPress Up and Running Again

You've Been Hacked, Now What? Getting WordPress Up and Running Again

Embed Size (px)

Citation preview

Page 1: You've Been Hacked, Now What? Getting WordPress Up and Running Again

You’ve Been Hacked. Now What?Getting WordPress Up and Running Again

Page 2: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Jeremy Green

@greenhornet79 endocreative.com

Page 3: You've Been Hacked, Now What? Getting WordPress Up and Running Again

[photo of freaked out]

Page 4: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Where Do I Begin?

Page 5: You've Been Hacked, Now What? Getting WordPress Up and Running Again

1. Backup Hacked Site Files

Page 6: You've Been Hacked, Now What? Getting WordPress Up and Running Again

• Site files

• Database

Page 7: You've Been Hacked, Now What? Getting WordPress Up and Running Again

2. Got Shared Hosting?

Page 8: You've Been Hacked, Now What? Getting WordPress Up and Running Again

your site infected site

infection

server

Page 9: You've Been Hacked, Now What? Getting WordPress Up and Running Again

3. Update FTP and MySQL Passwords

Page 10: You've Been Hacked, Now What? Getting WordPress Up and Running Again
Page 11: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Option #1 Restore From a Backup

Page 12: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Manual Method

Page 13: You've Been Hacked, Now What? Getting WordPress Up and Running Again

1. Drop infected database tables

Page 14: You've Been Hacked, Now What? Getting WordPress Up and Running Again

2. Import Clean Database Tables

Page 15: You've Been Hacked, Now What? Getting WordPress Up and Running Again

3. Delete Infected Site Files

Page 16: You've Been Hacked, Now What? Getting WordPress Up and Running Again

4. Upload Clean Site Files

Page 17: You've Been Hacked, Now What? Getting WordPress Up and Running Again

5. Enter URL and Database Settings

Page 18: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Using BackupBuddy

Page 19: You've Been Hacked, Now What? Getting WordPress Up and Running Again

1. Find Backup and ImportBuddy Files

Page 20: You've Been Hacked, Now What? Getting WordPress Up and Running Again

2. Upload Files to Your Server

Page 21: You've Been Hacked, Now What? Getting WordPress Up and Running Again

3. Navigate to ImportBuddy URL

Page 22: You've Been Hacked, Now What? Getting WordPress Up and Running Again

4. Choose Backup File

Page 23: You've Been Hacked, Now What? Getting WordPress Up and Running Again

5. Enter URL and Database Settings

Page 24: You've Been Hacked, Now What? Getting WordPress Up and Running Again

5. Enter URL and Database Settings

Page 25: You've Been Hacked, Now What? Getting WordPress Up and Running Again

That’s great, but…

Page 26: You've Been Hacked, Now What? Getting WordPress Up and Running Again

I don’t have a backup…

I don’t have a backup…

Page 27: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Option #2 Start From Scratch

Page 28: You've Been Hacked, Now What? Getting WordPress Up and Running Again

1. Download Everything Fresh

Page 29: You've Been Hacked, Now What? Getting WordPress Up and Running Again

WordPress

Page 30: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Plugins

Page 31: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Theme

Page 32: You've Been Hacked, Now What? Getting WordPress Up and Running Again

2. Delete WP files on Your Server

Page 33: You've Been Hacked, Now What? Getting WordPress Up and Running Again

3. Upload Fresh Files

Page 34: You've Been Hacked, Now What? Getting WordPress Up and Running Again

4. Move Uploads Folder

Page 35: You've Been Hacked, Now What? Getting WordPress Up and Running Again

5. Go to yoursite.com

Page 36: You've Been Hacked, Now What? Getting WordPress Up and Running Again

6. Update WP Admin Passwords

Page 37: You've Been Hacked, Now What? Getting WordPress Up and Running Again

5. Enter URL and Database Settings

Page 38: You've Been Hacked, Now What? Getting WordPress Up and Running Again

That’s great, but…

Page 39: You've Been Hacked, Now What? Getting WordPress Up and Running Again

I have a custom theme/plugin/etc…

Page 40: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Check Theme Files for Backdoors

• eval()

• base64()

• <iframe>

Page 41: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Check Theme Files for Backdoors

Page 42: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Sort Files by Date Modified

Page 43: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Check for Suspicious Files

Page 44: You've Been Hacked, Now What? Getting WordPress Up and Running Again

5. Enter URL and Database Settings

Page 45: You've Been Hacked, Now What? Getting WordPress Up and Running Again

That’s great, but…

Page 46: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Hire a professional.

Page 47: You've Been Hacked, Now What? Getting WordPress Up and Running Again

Jeremy Green

@greenhornet79 endocreative.com


Tips for Fixing A Hacked WordPress Site - Vlad Lasky

Tips for Fixing A Hacked WordPress Site - Vlad Lasky

Internet
Hacked By PoisonSquad

Hacked By PoisonSquad

Documents
Evaluation Hacked Media

Evaluation Hacked Media

Documents
index-of.co.uk/index-of.co.uk/Hacking-Coleccion/code-obfuscation-php-shells.pdf · BUT WHAT IF YOU FIND YOU'VE BEEN HACKED STAY UP-TO-DATE Withe.ærythirg. Update 3rd party libraries:

index-of.co.uk/index-of.co.uk/Hacking-Coleccion/code-obfuscation-php-shells.pdf · BUT WHAT IF YOU FIND YOU'VE BEEN HACKED STAY UP-TO-DATE Withe.ærythirg. Update 3rd party libraries:

Documents
3 Hacked Chords

3 Hacked Chords

Documents
promueve2012.mx HACKED!

promueve2012.mx HACKED!

Documents
Hacked By Turkhacks

Hacked By Turkhacks

Documents
HACKED BY Mutarrif

HACKED BY Mutarrif

Documents
Your WordPress Site Has Been Hacked: What Now?

Your WordPress Site Has Been Hacked: What Now?

Technology
Do you know if your WordPress site has been hacked?

Do you know if your WordPress site has been hacked?

Technology
Hacked pengolahan kata

Hacked pengolahan kata

Presentations & Public Speaking
Don't let your WordPress site get hacked

Don't let your WordPress site get hacked

Technology
Your WordPress Site is and is not Hacked - You don't know until you check

Your WordPress Site is and is not Hacked - You don't know until you check

Technology
R u hacked

R u hacked

Technology
PRP - Hacked Off

PRP - Hacked Off

Documents
Getting hacked

Getting hacked

Documents
WP Sicher betreiben - Das WordPress Meetup in München..."WordPress infections rose from 74% in 2016 Q3 to 83% in 2017." "At the end of Q3 2016, 61% of hacked WordPress sites recorded

WP Sicher betreiben - Das WordPress Meetup in München..."WordPress infections rose from 74% in 2016 Q3 to 83% in 2017." "At the end of Q3 2016, 61% of hacked WordPress sites recorded

Documents
HACKED WEBSITE TREND REPORT - Sucuri...Wesite Hacked Trend Report Q3 2016 # HackedWesiteReport # askSucuri SucuriSecurity sucurinet 7 Sucuri Inc All rights resered WordPress Analysis

HACKED WEBSITE TREND REPORT - Sucuri...Wesite Hacked Trend Report Q3 2016 # HackedWesiteReport # askSucuri SucuriSecurity sucurinet 7 Sucuri Inc All rights resered WordPress Analysis

Documents
You've Seen One Elohim, You've Seen Them All?

You've Seen One Elohim, You've Seen Them All?

Documents
Your WordPress Website Is/Not Hacked

Your WordPress Website Is/Not Hacked

Internet
Hacked By PaRaziT

Hacked By PaRaziT

Documents
Senior CSIRT Investigator At Privacy, Access and …...“There's now a growing sense of fatalism: It's no longer if or when you get hacked, but the assumption that you've already

Senior CSIRT Investigator At Privacy, Access and …...“There's now a growing sense of fatalism: It's no longer if or when you get hacked, but the assumption that you've already

Documents
Everyone’s Been Hacked

Everyone’s Been Hacked

Documents
You've Been Hacked - Now What? Case Study · 2018. 4. 13. · een Hacked!” simulation, to help financial institution oard members and Senior Executives better understand the real

You've Been Hacked - Now What? Case Study · 2018. 4. 13. · een Hacked!” simulation, to help financial institution oard members and Senior Executives better understand the real

Documents
Hacked tax forms

Hacked tax forms

Technology
Michigan DGS 2015 Presentation - You'Ve Been Hacked Now What - Michael Ashton

Michigan DGS 2015 Presentation - You'Ve Been Hacked Now What - Michael Ashton

Documents
What is Bath: Hacked?

What is Bath: Hacked?

Technology
WordPress Malware Removal Guide · your site has been hacked and now contains malicious code and your wordpress site is redirecting to another site, it just adds fuel to the fire

WordPress Malware Removal Guide · your site has been hacked and now contains malicious code and your wordpress site is redirecting to another site, it just adds fuel to the fire

Documents
Http:// HACKED!!! Securing your Business Ankit Fadia Ethical Hacker fadia.ankit@gmail.com Hacked!!!

Http:// HACKED!!! Securing your Business Ankit Fadia Ethical Hacker [email protected] Hacked!!!

Documents
Hacked - EVERYONE INTRUSTED

Hacked - EVERYONE INTRUSTED

Internet