« previous next »
Pages: [1]   Go Down

Author Topic: -pw domain alert and CMS and other insecurities...  (Read 1354 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34051
  • malware fighter
-pw domain alert and CMS and other insecurities...
« on: September 05, 2018, 04:28:34 PM »
Re: https://urlquery.net/report/fd0a59ab-4309-47b0-b2a8-bf5c66b85a79
Word Press outdated plug-ins:

   woocommerce 3.4.3   latest release (3.4.5) Update required
https://woocommerce.com/
wordpress-seo 7.8   latest release (8.1.2) Update required
https://yoa.st/1uj
wysija-newsletters 2.8.2   latest release (2.9) Update required
http://www.mailpoet.com/
contact-form-7 5.0.3   latest release (5.0.4) Update required
https://contactform7.com/

Warning  User Enumeration is possible
The first two user ID's were tested to determine if user enumeration is possible.

ID   User   Login
1   admin   admin
2   None   None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring.
As this will reduce the chance of automated password attackers gaining access.
However it is important to understand that if the author archives are enabled,
it is usually possible to enumerate all users within a WordPress installation.

224 security errors -> https://webhint.io/scanner/d574e93b-58c7-4933-b3ca-27d0b036bdf4

2 vulnerable jQueries detected: https://retire.insecurity.today/#!/scan/0c10f34a72980270e05129dffc4ebc94a4a760fd398f2813886c2b4b8328675e
compare with SNYK's findings: CLOSE DETAILS
ERROR

'jQuery@1.12.4' has 1 known vulnerability (1 medium). See 'https://snyk.io/vuln/npm:jquery' for more information.

-http://secpl2.secretlab.pw/

ERROR

'jQuery UI@1.11.4' has 1 known vulnerability (1 high). See 'https://snyk.io/vuln/npm:jquery-ui' for more information.

-http://secpl2.secretlab.pw/

error in code
Quote
[decodingLevel=0] found JavaScript
     error: line:88: SyntaxError: invalid label:
          error: line:88: ;{"@context":"https:\/\/schema.org","@type":"WebSite","@id":"#website","url":"http:\/\/secpl2.secretlab.pw\/","name":"The Guard \u2013 Security Services and Bodyguard Company WordPress Theme","potentialAction":{"@type":"SearchAction","target":"http:\/\/se
          error: line:88: ..^
     error: line:4: SyntaxError: missing = in XML attribute:
          error: line:4: <!doctype html>
          error: line:4: ..............^
     file: e120e3965713faf60db918a279fa0cfcda720638: 104716 bytes

polonus (volunteer website security analyst and website error-hunter)

« Last Edit: September 05, 2018, 04:32:23 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34051
  • malware fighter
Re: -pw domain alert and CMS and other insecurities...
« Reply #1 on: September 05, 2018, 05:34:25 PM »
error
Quote
-secpl2.secretlab.pw/wp-content/plugins/composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.4.1 benign
[nothing detected] (script) -secpl2.secretlab.pw/wp-content/plugins/composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.4.1
     status: (referer=secpl2.secretlab.pw/)saved 895 bytes ae9b808c87bbbf57b9f3132c41effaaa12af03ff
     info: [decodingLevel=0] found JavaScript
     error: undefined function window.jQuery
     error: undefined variable window.jQuery(document)
     error: line:1: SyntaxError: missing ; before statement:
          error: line:1: var window.jQuery(document) = 1;
          error: line:1: ....^
     suspicious: maxruntime exceeded 10 seconds (incomplete) 0 bytes
     file: ae9b808c87bbbf57b9f3132c41effaaa12af03ff: 895 bytes
     file: 0a101cbe6b26678bd741857926bffbe3588aa30e: 1505 bytes
     file: b97e76f5ac494a2d9c65cf37c518ecebf7bdc3e1: 1666 bytes
     file: 1f2030da668162178f0f1e728632c4a6917f82dd: 1380 bytes
     file: 3c8de54b2d0eb332c2e024160470f39f5065c2e9: 1504 bytes

Page has also quite some deadlinks:
Quote
##/s.w.org
##/comments/
##/http:/
##/.png
##/s.w.org
##/wp-includes/wlwmanifest.xml
##/wp-json/oembed/
##/wp-content/plugins/revslider/public/assets/js/.min.js
##/wp-content/plugins/revslider/public/assets/js/themepunch.revolution.min.js
##/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.js
##/wp-content/plugins/revslider/public/assets/js/TweenLite.js
##/wp-content/plugins/revslider/public/assets/TweenLite.js
##/service/s.w.org
##/service/.png
##/service/http:/
##/contacts/s.w.org
##/contacts/.png
##/contacts/http:/
##/contact-forms/s.w.org
##/contact-forms/.png
##/cart/s.w.org
##/contact-forms/http:/
##/cart/.png
##/cart/http:/
##/service/retail-security/s.w.org
##/service/retail-security/.png
##/service/retail-security/http:/
##/service/body-guard-vip-protection/s.w.org
##/service/body-guard-vip-protection/.png
##/service/private-investigators/.png
##/service/body-guard-vip-protection/http:/
##/service/private-investigators/s.w.org
##/service/private-investigators/http:/
##/service/home-security/s.w.org
##/service/home-security/.png
##/service/home-security/http:/
##/blog/s.w.org
##/blog/.png
##/category/
##/blog/http:/
##/tag/
##/auth
##/testimonial/s.w.org
##/blog/page/
##/testimonial/.png
##/testimonial/http:/
##/blog/blog-post-with-2-sidebars/s.w.org
##/blog/blog-post-with-2-sidebars/.png
##/blog/blog-post-with-2-sidebars/http:/
##/blog/blog-post-with-left-sidebar/s.w.org
##/blog/blog-post-with-left-sidebar/.png
##/blog/audio-post-format/s.w.org
##/blog/blog-post-with-left-sidebar/http:/
##/blog/audio-post-format/.png
##/blog/audio-post-format/http:/
##/blog/a-post-without-image/s.w.org
##/blog/a-post-without-image/.png
##/blog/a-post-without-image/http:/
##/service/cctv-installation/s.w.org
##/service/cctv-installation/.png
##/service/cctv-installation/http:/
##/testimonial/testimonial-6/s.w.org
##/testimonial/testimonial-6/.png
##/testimonial/testimonial-6/http:/
##/testimonial/testimonial-5/s.w.org
##/testimonial/testimonial-5/.png
##/testimonial/testimonial-4/s.w.org
##/testimonial/testimonial-5/http:/
##/testimonial/testimonial-4/.png
##/testimonial/testimonial-3/s.w.org
##/testimonial/testimonial-3/.png
##/testimonial/testimonial-4/http:/
##/testimonial/testimonial-3/http:/
##/testimonial/testimonial-2/s.w.org
##/testimonial/testimonial-2/.png
##/testimonial/testimonial-2/http:/
##/apis.google.com/
##/assets.pinterest.com/
##/service/wp-admin/
##/contacts/wp-admin/
##/contact-forms/wp-admin/
##/cart/wp-admin/
##/shop/s.w.org
##/shop/.png
##/shop/http:/
##/product-category/
##/service/retail-security/wp-admin/
##/blog/post-with-132456-password-protected/s.w.org
##/service/body-guard-vip-protection/wp-admin/
##/service/private-investigators/wp-admin/
##/service/home-security/wp-admin/
##/blog/post-with-132456-password-protected/.png
##/blog/post-with-132456-password-protected/http:/
##/blog/template-comments/s.w.org
##/blog/template-comments/.png
##/blog/template-comments/http:/
##/blog/gallery-post-format/s.w.org
##/blog/wp-admin/
##/blog/gallery-post-format/.png
##/blog/gallery-post-format/http:/
##/blog/video-post-format/s.w.org
##/blog/video-post-format/.png
##/blog/image-post-format/s.w.org
##/blog/video-post-format/http:/
##/blog/image-post-format/.png
##/blog/image-post-format/http:/
##/blog/link-post-format/s.w.org
##/blog/link-post-format/.png
##/blog/quote-post-format/s.w.org
##/blog/link-post-format/http:/
##/blog/quote-post-format/.png
##/blog/quote-post-format/http:/
##/testimonial/testimonial-1/.png
##/testimonial/testimonial-1/s.w.org
##/testimonial/testimonial-1/http:/
##/testimonial/wp-admin/
##/blog/blog-post-with-left-sidebar/wp-admin/
##/blog/blog-post-with-2-sidebars/wp-admin/
##/blog/audio-post-format/wp-admin/
##/blog/a-post-without-image/wp-admin/
##/service/cctv-installation/wp-admin/
##/testimonial/testimonial-6/wp-admin/
##/testimonial/testimonial-5/wp-admin/
##/my-account/s.w.org
##/testimonial/testimonial-4/wp-admin/
##/testimonial/testimonial-3/wp-admin/
##/my-account/.png
##/my-account/http:/
##/testimonial/testimonial-2/wp-admin/
##/uncategorized/s.w.org
##/shop/wp-admin/
##/blog/post-with-132456-password-protected/wp-admin/
##/uncategorized/.png
##/uncategorized/http:/
##/blog/template-sticky/s.w.org
##/blog/template-sticky/.png
##/blog/template-sticky/http:/
##/blog/template-comments/wp-admin/
##/uncategorized/hello-world/s.w.org
##/uncategorized/hello-world/.png
##/uncategorized/hello-world/http:/
##/blog/gallery-post-format/wp-admin/
##/blog/markup-image-alignment/s.w.org
##/blog/markup-image-alignment/.png
##/blog/markup-image-alignment/http:/
##/blog/template-paginated/s.w.org
##/blog/template-paginated/.png
##/blog/template-paginated/http:/
##/blog/video-post-format/wp-admin/
##/blog/image-post-format/wp-admin/
##/blog/quote-post-format/wp-admin/
##/blog/link-post-format/wp-admin/
##/testimonial/testimonial-1/wp-admin/
##/my-account/wp-admin/
##/uncategorized/wp-admin/
##/blog/template-sticky/wp-admin/
##/uncategorized/hello-world/wp-admin/
##/blog/template-paginated/2/s.w.org
##/blog/template-paginated/2/.png
##/blog/template-paginated/2/http:/
##/blog/template-paginated/3/s.w.org
##/blog/markup-image-alignment/wp-admin/
##/blog/template-paginated/3/.png
##/blog/template-paginated/3/http:/
##/blog/template-paginated/wp-admin/
Also found these files : ##xmlrpc.php   228   text/plain   vchideactivationmsg_vc11=12.0   405      
                                  ##xmlrpc.php?rsd   268   text/xml   vchideactivationmsg_vc11=12.0   200         
                /xmlrpc.php ##wp-login.php   450   text/html   vchideactivationmsg_vc11=12.0   200      

polonus
« Last Edit: September 05, 2018, 05:44:11 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »