π
Ίπ
Έπ
Ό ππ
²π
·ππ
»π:~$ βThe other day I was asked to help clean a wordpress installation that had unwanted visitors. It was a fun journey looking through the backdoor code and a wrote a small piece about it here:
https://schulz.dk/2026/05/14/the-wordpress-backdoor-that-forgot-to-be-php/
WP is great for many things but so wide-spread that bad actors will try to find holes in it.
#wordpress #infosec #security #malware @blog #blogpost #php #code #backdoor #walkthrough
https://schulz.dk/2026/05/14/the-wordpress-backdoor-that-forgot-to-be-php/
WP is great for many things but so wide-spread that bad actors will try to find holes in it.
#wordpress #infosec #security #malware @blog #blogpost #php #code #backdoor #walkthrough
The WordPress Backdoor That Forgot to Be PHP - SCHULZ:DK
A WordPress backdoor hidden in functions.php is bad enough. One pasted after the closing ?> tag is almost poetic: malware that forgot to become PHP and instead printed its own confession. Here is a technical walk-through of a hidden admin account, query tampering, fake user counts, and the grim beauty of neglected WordPress hygiene.