Archive of posts from 03 January 2012

TimThumb Hack Check Script

I was recently a victim of the [timthumb vulnerability]( At first I noticed some rogue PHP in all my index.php files, which I cleaned up. But it turned out they had already got in enough to re-hack in no time at all. This time it was my javascript files which all had some obstruficated code in them, causing every page load to make a request to some random site.