Terence Eden on Nostr: If you've been hit, a quick way to find all the compromised plugins is: grep -r ...
If you've been hit, a quick way to find all the compromised plugins is:
grep -r --include="*.php" "94\.156\.79" .
That should show which files to delete.
Not really how I wanted to spend my evening TBQH!
Published at
2024-07-17 23:06:03Event JSON
{
"id": "255531efa78b50592832c2e9459ced371c74403dfd360a7415899be11df25b33",
"pubkey": "fddf487eea9db57a6e320f80e5cb63de50bedf539695a41c0d447be6c23643e1",
"created_at": 1721257563,
"kind": 1,
"tags": [
[
"e",
"168357e786b989a93a0baa3c36cb0e2a6400663d44fc68b5da8010c84e3d5dcf",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://mastodon.social/users/Edent/statuses/112804335659131494",
"activitypub"
]
],
"content": "If you've been hit, a quick way to find all the compromised plugins is:\n\ngrep -r --include=\"*.php\" \"94\\.156\\.79\" .\n\nThat should show which files to delete.\n\nNot really how I wanted to spend my evening TBQH!",
"sig": "1285009b854ca3e6b5f8fd272a6cd86547685065fac23febc99333da035626003a8e8fecf3628c103b18a00ae98fcf6d0a607f15bc144b0af91c18f812035e86"
}
