{"id":943,"date":"2021-03-31T18:30:50","date_gmt":"2021-03-31T13:00:50","guid":{"rendered":"http:\/\/builtbackwards.com\/?p=943"},"modified":"2021-03-31T18:38:16","modified_gmt":"2021-03-31T13:08:16","slug":"projects-tac","status":"publish","type":"post","link":"https:\/\/builtbackwards.com\/projects\/tac\/","title":{"rendered":"TAC (Theme Authenticity Checker)"},"content":{"rendered":"\n

Scan all of your theme files for potentially malicious or unwanted code. Be aware of advertisements or dangerous JavaScript inserted into legitimate themes by third party theme download sites.
Future versions will allow to check for other theme vulnerabilities.<\/p>\n\n\n\n

Download TAC<\/a> (Current, v 1.4)<\/h2>\n\n\n\n

TAC in WordPress.org Plugin Directory<\/a><\/h3>\n\n\n\n

ABOUT<\/h2>\n\n\n\n

What TAC Does<\/strong><\/p>\n\n\n\n

TAC stands for Theme Authenticity Checker. Currently, TAC searches the source files of every installed theme for signs of malicious code. If such code is found, TAC displays the path to the theme file, the line number, and a small snippet of the suspect code. As of v1.3<\/strong> TAC<\/em> also searches for and displays static links.<\/p>\n\n\n\n

Then what do you do? Just because the code is there doesn\u2019t mean it\u2019s not supposed to be or even qualifies as a threat, but most theme authors don\u2019t include code outside of the WordPress scope and have no reason to obfuscate the code they make freely available to the web. We recommend contacting the theme author with the code that the script finds, as well as where you downloaded the theme.<\/p>\n\n\n\n

The real value of this plugin is that you can quickly determine where code cleanup is needed in order to enjoy your theme.<\/p>\n\n\n\n

History<\/strong><\/p>\n\n\n\n

TAC got its start when we repeatedly found obfuscated malicious code in free WordPress themes available throughout the web. A quick way to scan a theme for undesirable code was needed, so we put together this plugin.<\/p>\n\n\n\n

After Googling and exploring on our own we came upon the article by Derek from 5thiryOne regarding this very subject. The deal is that many 3rd party websites are providing free WordPress themes with encoded script slipped in \u2013 some even going as far as to claim that decoding the gibberish constitutes breaking copyright law. The encoded script may contain a variety of undesirable payloads, such as promoting third-party sites or even hijack attempts.<\/p>\n\n\n\n

Frequently Asked Questions<\/strong>
What if I find something?<\/em><\/p>\n\n\n\n

Contact the theme\u2019s original author to double check if that section of code is supposed to be in the theme in the first place \u2013 chances are it shouldn\u2019t as there isn\u2019t a logical reason have obfuscated code in a theme.<\/p>\n\n\n\n

If something is malicious or simply unwanted, TAC<\/em> tells you what file to edit, you can even just click on the file path to be taken straight to the WordPress Theme Editor.<\/p>\n\n\n\n

Why does TAC list static links?<\/em><\/p>\n\n\n\n

First of all, static links aren\u2019t necessarily bad, TAC<\/em> just lists them so you can quickly see where your theme is linking to.<\/p>\n\n\n\n

What about future vulnerabilities?<\/em><\/p>\n\n\n\n

As we find them we will add them to TAC<\/em>. If you find one, PLEASE let us know: Contact builtBackwards or post in the WordPress.org Forum<\/p>\n\n\n\n

CHANGELOG<\/h2>\n\n\n\n

Version 1.4<\/h3>\n\n\n\n