June 16, 2017 lawrenceamer no responses

be careful before downloading wordpress nulled premium themes

Want create site? With Free visual composer you can do it easy.

Hi , since about two days , i started to investigate how hackers can benfits from something called nulled premium wordpress themes , every premium theme cost about 49$ when we are talking about professional template , and now you get it for FREE for no reason , this kind of offer put you in the case and ofcourse there is a benefit from it  , so let’s pick up a site that provide this type of hacking wordpress themes and put it online for free , dlwordpress.com is one of the most famous sites in this category .

HOW I HAD DETECTED THEM ?

now let’s go deep together to analysis a theme already uploaded to dlwordpress site . first after download the theme zip file from here ,

let go into folder called  ” framework ” and look for a file “init.php” . so the code will be shown as in picture below

as you can see you will see the install code encoded using base64 , the next step is we are going to decode this type to see where is the backdoor which is used by hackers , as shown in picture below

they are using the host called apiword.press with malicious php shell code “o.php” to drop a kind of php backdoor to hijack your wordpress site and get access into it , the risk occurs since this type of backdoor is not yet detected by clamav which is used on web hosting servers as virus scanner . so you have to do it manually for now .

 

i hope this proof of concept helped you to be in safe while wordpress in the most used platform in blogging , so my advise is to purchase what you want directly from the owner of template you want ,

Did you find apk for android? You can find new Free Android Games and apps.
Share it!
Aenean mattis venenatis

Leave a Reply

Your email address will not be published. Required fields are marked *

Lawrence Amer | CPTE , CEH