How to repair Wordpress from hackers!




Tagged Under : , , ,

Version: 12.1
Revision: 13 Build 11

How to repair Wordpress from hackers!

Introduction:
When you are working really hard on your Wordpress and gain a good amount of visitors, you are in the line as a target practice for hackers and cyber-space criminals. In other terms, if you get hacked by these idiots, then you are in big trouble! This can also effect your rankings, offending readers to expose ‘Virus and Trojans’ attacks and infect other reader’s computer; making you as an unwilling promoter to subject materials that is not related to the article or the blog. Nevertheless, It can also be classified into many sources, for example: “spam, rude topics, swearing and pranks.” But, the worse dilemma is losing your articles and valuable contents. However, if this happens to you, it is best to not postpone on the clean up process, since a speedy restore will generally minimize the damage that was caused by the morons. That is right… the crazy hackers!

On the other hand, there are many sources that will suggest you to upgrade your Wordpress to the latest version. However, there is a flaw in the upgrade, as most users will not notify you that the hacker may have left a backdoor (hidden file) in a directory where it wouldn’t get overwritten with the actually upgrade, or injected code into your theme. Therefore, I am writing this article to completely clean and restore a Wordpress installation that has been hacked.

1.] Backup your website and database.

Backing up a hacked copy of your blog or database, it is still a crucial process as it contains valuable information and files. You really don’t want to lose your data if something goes wrong with the cleanup process. Even worse, you can take a risk and restore things back to their hacked state and start over.

2.] Create a copy of your uploaded files and images.

Images are generally safe from posing a security risk and ones that you uploaded by yourself (for example: the ones that was included with a theme, for instance) will be harder to trace and replace after things are fixed again. Therefore, I would recommend you to grab a copy of all the images in your uploaded folder to avoid broken images in your posts (later on). If you have any non-image files that may possibly been compromised, such as zip files, plugins or php scripts that you were offering people, it is a good idea to grab fresh copies of those from the original source.

3.] Download a fresh copy of WP, plugins and a clean template.

Upgrading Wordpress automatically, it will make life easier for you and everyone! However, it will only replace specific files, and it doesn’t delete obsolete ones. It will also leave your current themes and plugins in its original place. This means, if you use to upgrade a blog that has already been compromised, it can very well leave attackers a door to get back in. So, it is best to start from scratch as far as your file portion and installation goes.

4.] Delete all files and folders in WP directory & upload!

FTP protocol = Slower (depends on your file size and folders).
Cpanel Manager = Faster (depends on your server responses).

When you have a fresh copy of all your files and folders, you will need to completely wipe (Erase) the entire directory and the structure of your blog. This is the only (possible) way to completely remove all infected files. You can do all of these through FTP protocol, but due to the way that FTP handle folder’s deletion, this can be slow as hell! This can also disconnect you from your server, due to flooding with FTP commands. Nevertheless, if you have Cpanel, you can compress everything in a Zip file and extract them within the server, and it will also shorten your time!

Notes: if you are uploading your files and folders in a Zip file, there is a high chance that your codes, they are not broken or corrupted. Therefore, if you have Cpanel, please take the advantage and safe your time and bandwidth.

6.] Run a database update!

At this stage, you will need to give WP a little boot in the backside. In other words, you will need to point your browser at “/wp-admin/upgrade.php”.

7.] Change your Admin password!

From this level, if you have more than one Admin, and you can’t get the others to change their passwords, then I would suggest you to change their user levels (privileges) until they can change their password. Simple…

On the other hand, if there is anyone in your user list that has ‘editing’ capabilities, and you don’t recognize them, it’s best to kick (remove) them out of your blog. But, for the best security, I would recommend you to delete everyone!

8.] Check all posts and articles for ‘iframe’ hacks!

Inside your Cpanel, you will need to direct yourself to “phpMyAdmin” and run the following sql scripts.

This script searches your SQL database for hidden iframes, script injection and display.
Also, please note that you can delete these rows if it exists (it should be rebuilt dynamically)
———————————-

SELECT * FROM wp_posts WHERE post_content LIKE '%iframe%'

SELECT * FROM wp_posts WHERE post_content LIKE '%noscript%'

SELECT * FROM wp_posts WHERE post_content LIKE '%display:%'

———————————-

If you want to combine the above script into a single batch – process, you can use this scripts as an alternative.
———————————-

SELECT * FROM wp_posts WHERE post_content LIKE '%iframe%' OR post_content LIKE  '%noscript%' OR post_content LIKE  '%display:%';

———————————-

9.] Double check your blog (for a second time) and look into your SQL database for anything suspicious!
Don’t just sit back and think it’s all done like a paper airplane!!

Keep a lookout at all time and manually update your Wordpress!

Copyrighted By Lair360




Fix corrupted Hal.dll – Windows Xp




Tagged Under : , , , ,

Version: 43.4
Revision: 54 Build 122

Fix corrupted Hal.dll – Windows Xp

Introduction:
if your Windows Xp cannot find the file called: hal.dll, your operating system will trigger error message telling you that the important file was damaged, corrupted or deleted for a number of reasons. To solve this issues, please read this guide carefully…

Part One: use windows Xp CD to execute “recovery console”
———————————————-
1.] Boot your computer with Microsoft Windows XP CD.

Notes: If you don’t have a copy of “Microsoft Windows XP CD”, or if the computer you are working on does not have a CD drive, you can boot from a set of Windows XP Bootable disks. You can download a copy from this link: http://support.microsoft.com/kb/310994/en-us

2.] When the system boots, you will be presented with a screen that gives you three choices…

a.] To setup Windows XP now, press ENTER.
b.] To repair a Windows XP installation using Recovery Console, press R.
c.] To quit Setup without installing Windows XP, press F3.

Notes: Press the [R] button on your keyboard to start the Recovery Console.

3.] When you reach the command prompt, you’ll need to type in your administrator password.
But, for the default password, just leave it blank and hit “Enter” on your keyboard.

4.] Type in the following commands…

5.] Type “bootcfg /list” (without the quotes) to show the current entries in the “boot.ini” file.

6.] Now, type “bootcfg /rebuild” (without the quotes) to repair the boot file.

7.] Take out the cd-rom and type: “exit” (without the quotes).

8.] Reboot your computer.

8.] Finish!

Advice: if your operating systems is still telling you that your hal.dll is damaged, corrupted or deleted for a number of reasons. I would recommend you to continue with “Part Two”…

Part Two: use windows Xp CD to repair to recover corrupted files
———————————————-
1.] Boot your computer with Microsoft Windows XP CD.

Notes: If you don’t have a copy of “Microsoft Windows XP CD”, or if the computer you are working on does not have a CD drive, you can boot from a set of Windows XP Bootable disks. You can download a copy from this link: http://support.microsoft.com/kb/310994/en-us

2.] When the system boots, you will be presented with a screen that gives you three choices…

a.] To setup Windows XP now, press ENTER.
b.] To repair a Windows XP installation using Recovery Console, press R.
c.] To quit Setup without installing Windows XP, press F3.

Notes: Press the [R] button on your keyboard to start the Recovery Console.

3.] When you reach the command prompt, you’ll need to type in your administrator password.
But, for the default password, just leave it blank and hit “Enter” on your keyboard.

4.] Type in the following commands…

expand x:\i386\hal.dl_ y:\windows\system32\hal.dll

Notes: In the above example “X”, this would be the letter of your CD-ROM drive and “Y” would be the letter of the drive your operating system is installed on.

Example: expand d:\i386\hal.dl_ c:\windows\system32\hal.dll

Notes: If you’re prompted to overwrite the file, press ‘Y’ and proceed.

5.] Take out the cd-rom and type: “exit” (without the quotes).

6.] Reboot your computer.

7.] Problem resolved!

Copyrighted by Lair360




Repair Windows – Master Boot Record and Boot Sector




Tagged Under : , ,

Version: 45.2
Revision: 36 Build 78

How to repair Windows’ Master Boot Record and Boot Sector

Introduction: this guide will help you to repair corrupted boot files or missing boot files.
However, you’ll need a copy of “Windows XP CD” with “Microsoft Recovery Console” utility.

Part 1: Launch Recovery Console and repair master boot record.

1.] Insert a live – bootable disk.

Notes: watch for a “Press any key to boot from CD…” message when your computer is booting up!

2.] When you launch Windows XP you’ll need to press ‘F3’ to access the Recovery Console.
3.] Select a windows installation directory.

Notes: if you only have one Windows installation you will need to press “1″.

1: C:\WINDOWS

Notes: Recovery Console will load and will prompt you to enter your local administrator’s password.
This is often different from the domain administrator’s password.

Once you enter the password, you’ll be taken to a command prompt…

3.] Type this command…

Fixmbr <device_name>

Notes: you’ll need to replace “<device_name>” with your master drive. This is normally “C:\” as your default drive with “Windows” directories. Here is an example…

fixmbr C:

This will repair any broken “master boot record” from your “Windows” directory.

Tips: if you only have one operating system you can type this command…

Fixmbr

4.] If you’re finish with the repair, you can stop at this stage and use this command….

a.] Take out the Windows XP CD
b.] Type: exit
c.] Press ‘Enter’ to restart your PC

If you would like to continue and repair your “Boot Sector”, please look at “Part 2”…

Part 2: Repair Boot Sector.

1.] After part 1, you’ll need to type this command…

Fixboot C:

Alternative: If there is only one hard drive, you can use this command…

Fixboot

2.] Press “Enter” and answer “Y” [without the quotes].

3.] When everything is done and completed, please take out the “Windows XP CD”.

4.] Type this command…

Exit

5.] Press ‘Enter’ to restart your PC

6.] Done!

Notes: If Windows XP won’t start, it might be linked to these issues…

a.] Damaged boot sector.
b.] Missing ‘ntldr’ or ‘ntdetect.com’ files.
c.] Corrupt ‘ntldr’ or ‘ntdetect.com’ files.

To resolve these issues, you can perform this fix by entering these command…

COPY X:\i386\NTLDR C:\
COPY X:\i386\NTDETECT.COM C:
\

- Please replace the letter ‘X’ with your CD-Rom drive letter.

Notice: if you’re prompted to overwrite either of the two files, press Y.

Copyrighted By Lair360