Avast WEBforum
Other => Viruses and worms => Topic started by: polonus on August 29, 2015, 10:13:55 PM
-
See: http://urlquery.net/report.php?id=1440877595314
Wordpress Version 4.1 based on: -http://medidasdefe.com/wp-includes/js/autosave.js
WordPress theme: -http://medidasdefe.com/wp-content/themes/mh-magazine-lite/
Wordpress internal path: -/home/medidas/public_html/wp-content/themes/mh-magazine-lite/index.php
Current: The following plugins were detected by reading the HTML source of the WordPress sites front page.
custom-share-buttons-with-floating-sidebar latest release (2.0)
http://www.mrwebsolution.in/
wordpress-popular-posts latest release (3.3.1)
http://wordpress.org/extend/plugins/wordpress-popular-posts
http://quttera.com/detailed_report/medidasdefe.com#collapseEight
List of blacklisted external links: 58
List of referenced blacklisted domains/hosts: 1
-medidasdefe.com
contact-form-email latest release (1.2)
easy-social-icons latest release (1.2.4.1)
http://www.cybernetikz.com
WordPress Theme
The theme has been found by examining the path /wp-content/themes/ *theme name* /
Warning User Enumeration is possible and Directory Indexing Enabled for content/uploads.
MH Magazine lite 1.8.8http://www.mhthemes.com/themes/mh/magazine-lite/
Re: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fmedidasdefe.com
See: https://www.virustotal.com/nl/url/7690bc3ce986f6e7cacc02b4aa2038c12fdc0d60b242009d2828dbdc7b6865c6/analysis/
Avast Online Security does not flag. Civic Event Calender PHISH!
polonus
-
Analyzing further on the Modernizr code there, consider non-deterministic UglifyJS compression race conditions
: https://gist.github.com/tkazec/5863030
pol