Investigating Theme Spam

If you’re interested in what spammers are up to these days, check out Snarky’s blog post Evil Eval() investigating the obfuscated spam code hidden in the new WordPress theme he downloaded.

I’d be really interested to see how many of the themes on various WordPress sites include function calls like eval, call_user_func, base64_decode, unpack, ord, chr, etc. as an indicator of hidden spam.

« Athenge Ops Playtested

JavaScript: The Good Parts »

If you play any tabletop games (like D&D, Magic, and Settlers), visit my site NearbyGamers to find folks to game with.

2009-06-05 08:06
Code: decoding, obfuscation, PHP, reverse engineering, spam, WordPress
« Athenge Ops Playtested
» JavaScript: The Good Parts

Conversation is closed

Conversation is currently closed on this post.

Jose Marquez 2009-06-29 15:33

As a former WordPress user and occasional hacker thereof, I’m impressed by Snarky’s deconstruction and appalled at the obfuscation. It might take longer, but this is why I’m a fan of “roll your own” theming. Of course, I also use Drupal, so YMMV.

About

This blog is written by Peter Harkins, a web developer and entrepreneur in Chicago. Feel free to contact me.

I also contribute to the Hackers and Gamers tumblelog.

If you play any tabletop games (like D&D, Magic, and Settlers), visit my site NearbyGamers to find folks to game with.

Push cx

Investigating Theme Spam

Conversation is closed

About

Recently

Categories

Top Tags