Support

Akeeba Backup for WordPress

#30717 Malicious code in Jps.php

Posted in ‘Akeeba Backup for WordPress’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

WordPress version
n/a
PHP version
n/a
Akeeba Backup version
n/a

Latest post by kaj69 on Friday, 21 December 2018 09:18 CST

kaj69
Hi,
Wordfence Pro indicates that "Akeeba Backup Professional for WordPress" contains malicious code in /wp-content/plugins/akeebabackupwp/app/Solo/engine/Archiver/Jps.php:

"The file appears to be installed or modified by a hacker to perform malicious activity...The matched text in this file is: $staticSalt .= "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";\x0a\x09\x09\x09$staticSalt .= "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";\x0a\x09\x09\x09

The free version of Wordfence doesn't react with a notice.

Is this a false positive or...?

Cheers,
Kaj

tampe125
Akeeba Staff
Hello,

that's a false positive, you can safely ignore that.
In the JPS archives (archives protected with a password), we have to initialize the salt, and in this case they are all NULLs (\x00).

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

kaj69
Thanks Davide for a rapid reply.

Have a nice week-end and then a Merry Xmas.
Kaj

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!