I’ve written a little script to help you figure out if your WordPress site has been hacked.

0. almost forgot — don’t do this until AFTER you’ve upgraded to 2.5.1.
1. download this file
2. rename it from “checker.txt” to “checker.php”
3. using Notepad or TextEdit, change the username string (optional) and password string (required)
4. upload edited checker.php to the public_html folder of your host
5. run it — http…your-server…checker.php (enter the username/password you chose)
6. look at what gets printed out…

** if(md5 **
if anything gets printed here, that’s trouble
** _wp_debugger **
if anything gets printed here, that’s trouble
** wp-info.txt, _new, _old, .pngg, .jpgg, .giff **
if anything gets printed here, that’s trouble
** checking for suspicious Wordpress user **
no suspicious Wordpress user
(if it prints something else, that’s trouble
** dumping active_plugins option records **
it’s hard to describe what constitutes trouble
in this section — if you see lots of dots and slashes,
that’s certainly suspicious.  send it to me and I’ll
let you know.

And of course, don’t hesitate to ask for help!