2

Viewing my latest search queries I stumbled upon the below query.

d3d3lmfrdglllxnryxquzgsv"{${pr.i.nt(238947899389478923-34567343546345)}}"

Please note: I've inserted the dots in print just to make sure that there's nothing evaluated in here for some reason, as I have no clue about the functioning of this query.

The query has been made in several different formats:

d3d3lmfrdglllxnryxquzgsv");pr.i.nt(238947899389478923-34567343546345);//

d3d3lmfrdglllxnryxquzgsv}print(238947899389478923-34567343546345);{

As the above suggests there might be more code involved which sadly aren't available for me to view at this time.

Doing a google search for the pr.i.nt(238947899389478923-34567343546345) part gives a list of apparently hacked websites and a single reddit thread regarding this issue with only a single comment.

Am I supposed to be worried about this, and what is the functioning of such query?

Some background info:

  • I'm using Wordpress, latest version
  • Using ajax-search with a combination of the Relevanssi and SearchWP Live Ajax Search plugins - both on latest version.
  • Wordfence security plugin is activated and updated.
  • PHP version 7.1
  • jQuery activated

UPDATE: I've also just found the same string in the person's/bot's user-agent stating the following:

aHR0cHM6Ly93d3cuYWt0aWUtc2thdC5kay8{${pr.i.nt(238947899389478923-34567343546345)}}
3

0

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

Browse other questions tagged or ask your own question.