TECH One of my accounts is sending spam

subwoofer

OT Supporter
Aug 28, 2003
10,980
california
Has an older version of wordpress installed, lots of customization. There are no forms on the website. wp was customized by a third party and do not want to upgrade it (may break the website)

I believe the username/pw were compromised and somehow a bunch of scripts were installed. I deleted all the folders/files that weren't necessary, changed all the passwords, and disabled the mail function in php.ini for that account only.

However, email is still being sent through, or at least trying to send. It shows up in my mail queue manager.

how do i find out where the mail is being sent from? I would like to put a stop to this. i temporarily suspended the account and the mailings have stopped...
 

Browning

Most Adblocked AV Ever
Feb 14, 2005
90,023
back it up and set it up on another domain, update, get it lined out then transfer back over:dunno:
 
TS
TS
subwoofer

subwoofer

OT Supporter
Aug 28, 2003
10,980
california
How do I check for cron jobs for another user via root via ssh...? the account is currently suspended so i cannot login as it
 

fishbulb

Well-Known Member
Oct 29, 2001
7,112
crontab -l

I think you'd be able to find where the emails were coming from in your logs though, at least see what scripts/pages are being accessed, no?
 
TS
TS
subwoofer

subwoofer

OT Supporter
Aug 28, 2003
10,980
california
there are no crontabs running.

the only thing left on the account is an old version of wordpress. i'm assuming it was exploited somehow...
 

villain

OT Supporter
May 1, 2002
2,399
guy accessed your wp, most likely due to the exploit of an older wordpress. Upgrade or else you'll find problems again.

Check all the directories, all your files. (including default ones such as akismet and hellodolly (most common to being replaced by attacks).
Check your logs.

If you really want to get deeper into it. Just download the backup, instgall the whole thing into localhost via WAMP and disable your interwebs.
 

Users who are viewing this thread

About Us

  • Please do not post anything that violates any Local, State, Federal or International Laws. Your privacy is protected. You have the right to be forgotten. Site funded by advertising, link monetization and member support.
OT v15.8.1 Copyright © 2000-2022 Offtopic.com
Served by fu.offtopic.com

Online statistics

Members online
215
Guests online
44
Total visitors
259

Forum statistics

Threads
369,401
Messages
16,881,047
Members
86,872
Latest member
btcdiana