Detect a Base 64 attack
Base 64 attact is a link injec¡nction that only shows when google index your pages.
- Install Paranoid plugin for wordpress (or for your platform) It will give you feedback bout the differente changes your database and template have.
- Use Google Reader For your blog and if you use igoogle or netvibes, ad two columns with the same content of your blog.
- If any time you recive differente Feeds from your blogs and the differences are mostly on the Google Reader or google feed, It may have being the bse 64 attack.
- Check Paranoid and in case It don’t give you any refferences. Try first those pages that are not covred by it shuch as index php. If you launch paranoid it will give you an example of the code you have to loock for.
- You won’t be able to see the code until you download every page of your site to your desktop, base 64 code usually shws only for google (despite being on the main template of your site)
- Try with editplus find out the “base 64 string and if you see something, take it out.
- And try posting something and check it on the Google reader. If is clean, well done, if not, keep on searchong this way.
If you enjoyed this post, make sure you subscribe to my RSS feed!
Leave a Reply