Tweet
Someone was able to login to my site as "Admin", I could see it in the cp logs. It says they were working with template.php and plugins.
They have somehow been able to insert adsense ads into posts using a combo of javascript and iframes. I thought the code would be in the postbit template, but I cannot find anything. I also tried disabling all of my plugins,etc. but it didnt help. I can't seem to find what they have done anywhere.
When I look at the source code of the ads in the posts I see this. (note: the ads only display to users who are not logged in):
<div class="content"> <div id="post_message_86480"> <blockquote class="postcontent restore "> <!-- google_ad_section_start -->Hi, This is my first post. Thanks<br /> <br /> Love & best wishes,<br /> Lalita.<!-- google_ad_section_end --> <br /><br /><Script Language='Javascript'>document.write(unescape('%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22% 74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%3E%67%6F%6F%67%6C%65%5F%61%64%5F%63%6C%69% 65%6E%74%20%3D%20%22%63%61%2D%70%75%62%2D%39%31%30%39%36%36%34%32%30%34%35%35%38%33%39%38% 22%3B%67%6F%6F%67%6C%65%5F%61%64%5F%73%6C%6F%74%20%3D%20%22%34%33%35%32%34%37%37%30%36%31% 22%3B%67%6F%6F%67%6C%65%5F%61%64%5F%77%69%64%74%68%20%3D%20%37%32%38%3B%67%6F%6F%67%6C%65% 5F%61%64%5F%68%65%69%67%68%74%20%3D%20%39%30%3B%3C%2F%73%63%72%69%70%74%3E%0A%3C%73%63%72% 69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%20%73%72%63% 3D%22%68%74%74%70%3A%2F%2F%70%61%67%65%61%64%32%2E%67%6F%6F%67%6C%65%73%79%6E%64%69%63%61% 74%69%6F%6E%2E%63%6F%6D%2F%70%61%67%65%61%64%2F%73%68%6F%77%5F%61%64%73%2E%6A%73%22%3E%3C% 2F%73%63%72%69%70%74%3E'));</Script> </blockquote> </div> </div> </div> <div class="after_content">
They have somehow been able to insert adsense ads into posts using a combo of javascript and iframes. I thought the code would be in the postbit template, but I cannot find anything. I also tried disabling all of my plugins,etc. but it didnt help. I can't seem to find what they have done anywhere.
When I look at the source code of the ads in the posts I see this. (note: the ads only display to users who are not logged in):
<div class="content"> <div id="post_message_86480"> <blockquote class="postcontent restore "> <!-- google_ad_section_start -->Hi, This is my first post. Thanks<br /> <br /> Love & best wishes,<br /> Lalita.<!-- google_ad_section_end --> <br /><br /><Script Language='Javascript'>document.write(unescape('%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22% 74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%3E%67%6F%6F%67%6C%65%5F%61%64%5F%63%6C%69% 65%6E%74%20%3D%20%22%63%61%2D%70%75%62%2D%39%31%30%39%36%36%34%32%30%34%35%35%38%33%39%38% 22%3B%67%6F%6F%67%6C%65%5F%61%64%5F%73%6C%6F%74%20%3D%20%22%34%33%35%32%34%37%37%30%36%31% 22%3B%67%6F%6F%67%6C%65%5F%61%64%5F%77%69%64%74%68%20%3D%20%37%32%38%3B%67%6F%6F%67%6C%65% 5F%61%64%5F%68%65%69%67%68%74%20%3D%20%39%30%3B%3C%2F%73%63%72%69%70%74%3E%0A%3C%73%63%72% 69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%20%73%72%63% 3D%22%68%74%74%70%3A%2F%2F%70%61%67%65%61%64%32%2E%67%6F%6F%67%6C%65%73%79%6E%64%69%63%61% 74%69%6F%6E%2E%63%6F%6D%2F%70%61%67%65%61%64%2F%73%68%6F%77%5F%61%64%73%2E%6A%73%22%3E%3C% 2F%73%63%72%69%70%74%3E'));</Script> </blockquote> </div> </div> </div> <div class="after_content">
Comment