Exploit Scanner

Installation Instructions

1. Download and unzip the plugin.
2. Copy the exploit-scanner directory into your plugins folder.
3. Visit your Plugins page and activate the plugin.
4. A new menu item called “Exploit Scanner” will be available under the Tools menu.

How do I fix the out of memory error?

Scanning your website can take quite a bit of memory. The plugin tries to allocate 128MB but sometimes that’s not enough. You can modify the amount of memory PHP has access to from within the plugin admin page. You can also limit the max size of scanned files. Reduce this number to skip more files but be aware that it may miss hacked files. Any skipped files are listed after scanning. Memory is also used if you have deep directories because of the way the scanner works. It will help if you clean out any cache directories (wp-content/cache/ for example) before scanning.

1.5.2

• Added hashes for WordPress 4.7.5

1.5.1

• WordPress 4.6 hashes
• WordPress 4.6.1 hashes
• WordPress 4.7 hashes

1.5

• WordPress 4.5.3 hashes
• Move to follow WP versioning system

1.4.12

• WordPress 4.5.2 hashes

1.4.11

• WordPress 4.5 hashes
• WordPress 4.5.1 hashes

1.4.10

• WordPress 4.4.1 hashes

1.4.9

• WordPress 4.4 hashes

1.4.8

• WordPress 4.3.1 security release hashes
• Other missing hashes

1.4.7

• WordPress 4.3 hashes

1.4.6

• WordPress 4.2.3 hashes
• WordPress 4.2.4 hashes

1.4.5

• WordPress 4.2.2 hashes

1.4.4

• WordPress 3.7.3 hashes
• WordPress 3.7.4 hashes
• WordPress 3.7.5 hashes
• WordPress 3.7.6 hashes
• WordPress 3.7.7 hashes
• WordPress 3.8.4 hashes
• WordPress 3.8.5 hashes
• WordPress 3.8.6 hashes
• WordPress 3.8.7 hashes
• WordPress 3.9.4 hashes
• WordPress 3.9.5 hashes
• WordPress 4.0.2 hashes
• WordPress 4.0.3 hashes
• WordPress 4.0.4 hashes
• WordPress 4.1.4 hashes
• WordPress 4.2.1 hashes

1.4.3

• WordPress 4.1.3 hashes

1.4.2

• WordPress 4.2 hashes

1.4.1

• WordPress 3.9.3, 4.1, 4.1.1 and 4.1.2 hashes

1.4

• Remove an example link to a hacked site
• Fixed the eval() check incorrectly matching function names that end in “eval”
• Fixed some PHP warnings
• WordPress 3.5.2 hashes
• WordPress 3.6 and 3.6.1 hashes
• WordPress 3.7, 3.7.1 and 3.7.2 hashes
• WordPress 3.8, 3.8.1, 3.8.2 and 3.7.3 hashes
• WordPress 3.9, 3.9.1 and 3.9.2 hashes
• WordPress 4.0 and 4.0.1 hashes

1.3.3

• WordPress 3.5 and 3.5.1 hashes

1.3.2

• WordPress 3.4.2 hashes

1.3.1

• WordPress 3.4.1 hashes

1.3

• Detect unknown files in the wp-admin and wp-includes directories
• WordPress 3.4 hashes

1.2.1

• WordPress 3.3.2 hashes

1.2

• WordPress 3.3.1 hashes
• Use help tabs introduced in WordPress 3.3
• Help prevent one cause of hanging scans (MySQL error 1153)

1.1

• Scan for and fix old, vulnerable TimThumb scripts
• Detect old export files even if they’re larger than the size limit
• WordPress 3.3 hashes

1.0.5

• WordPress 3.2 and 3.2.1 hashes

1.0.4

• WordPress 3.1.4 hashes
• Suspicious pattern updates and tweaks

1.0.3

• Detection of export files left by incomplete imports.
• WordPress 3.1.3 hashes

1.0.2

• WordPress 3.0.6 and 3.1.2 hashes

1.0.1

• WordPress 3.1.1 hashes

1.0

• Core file diffs
• WordPress 3.1 hashes
• Updated suspicious patterns

0.97.6

• WordPress 3.0.5 hashes

0.97.5

• WordPress 3.0.4 hashes
• Dropped wp-content from hashes

0.97.4

• WordPress 3.0.3 compatibility

0.97.3

• 3.0.2 compatibility

0.97.2

• 3.0.1 compatibility

0.97.1

• PHP 4 compatibility

0.97

• AJAX paging
• simplified results system (now only 3 levels)
• contextual help
• moved to Tools menu section
• a number of backend changes

0.96

• Compatibility for WordPress 3.0

0.95

• Added “exploits” scan level for obvious hacker exploit code.
• Stored results for later review.
• Rearranged layout of results.
• Paged scanning so plugin scans 50 files at a time to avoid timeout errors.
• Only show “General Info” to non MU sites (it’s too expensive for large MU sites)