How to hack localhost?

A

artjerom2015-10-14 03:46:14

linux

artjerom, 2015-10-14 03:46:14

Today I discovered that my system was hacked (it is unlikely that this is a site, because it is on localhost). localhost/upEnvato.net/wp-admin/customize.php?url=... at this address there was an inscription in full screen "Hacker or what?". I use linux mint, wordpress site. There were no malicious files or site visits from a work laptop. But var/log/auth.log turned out to be cleaned for October 13 (no sessions, although it worked all day). I still wanted to change the system, so I want to protect myself from such problems in the future

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

D', 2015-10-14
@artjerom

This is either protecting WP itself, or some plugin, from a direct request to files.
That is, there is somewhere in the code:

if (!defined('HACKER')) {
 die('Хакер чтоли?');
}

Nothing criminal

M

MetaDone, 2015-10-14
@MetaDone

As far as I remember - WordPress issues such a message in the absence of a nonce, or when you try to do something without the appropriate access rights, so no one broke you