Nulled themes or scripts are secure?

by juxhin20 - 30-10-2020, 06:24 PM
Newbie
Posts:
16
Joined:
Oct 2020
Likes:
0
Credits:
0
Reputation:
0
#1
OP
Posted: 30-10-2020, 06:24 PM
I want to know from your experiences if anyone have had any issue with nulled themes or scripts? thanks
Newbie
Posts:
15
Joined:
Nov 2020
Likes:
2
Credits:
16
Reputation:
0
#2
Posted: 23-11-2020, 02:57 PM
From cybersec channels, one of the most favourite attack vector a couple of years ago was sharing infected wordpress plugins or nulled themes. This is an annoying fact, but you cannot trust 100% a nulled theme/plugin.

I've found this interesting article in the meanwhile, https://www.wpstuffs.com/detect-maliciou...s-plugins/, which indicates some checks you can do to see if the code looks like suspicious.
Of course, a base64 string is suspicious, check what is inside (maybe there is a redirect or a backdoor).
Also check the theme by uploading it into "virustotal.com": it's a free service that will scan the file among all the different anti-virus solution. For free. This i will suggest also for suspicious files in your computer. If you are more technologic, you can try to check also their md5 checksum, but will not analyse the content of the file.

in my experience, one time i've found an istitutional website with a jquery script that was tampered and contained 3 additional rows that will redirect to harmful websites. They can hide the script everywhere, be careful.
Newbie
Posts:
16
Joined:
Dec 2020
Likes:
0
Credits:
0
Reputation:
0
#3
Posted: 22-12-2020, 12:10 AM
Hay que tener cuidado ya que algunos están infectados (no todos) pero algunos si están infectados.
The last reply on this thread is older than a month. Please do not unnecessarily bump it.
Register an account or login to reply
Create an account
Create a free account today and start posting right away. It only takes a few seconds.
Login
Log into an existing account.
1 Guest(s)