[wp-hackers] Evaluating impact from yesterday's Trojan'd plugins?

Mike Little wordpress at zed1.com
Wed Jun 22 13:15:37 UTC 2011

On Wed, Jun 22, 2011 at 14:12, Patrick Laverty <patrick_laverty at brown.edu>wrote:

> On Wed, Jun 22, 2011 at 9:02 AM, Alexander Concha <alex at buayacorp.com
> >wrote:
> >
> > It allowed php code execution.
> Even if you have exec() and eval() disabled on your server?
Yes. It was cleverer than a simple exec or eval. But, as pointed out, did
not do anything at all on it's own.

At least, I can confirm that for the wptouch backdoor as that is the only
one I updated. I've assumed the others were the same/similar.

Mike Little

More information about the wp-hackers mailing list