Author Topic: Outdated CMS on PHISHING website...  (Read 1063 times)


polonus
« on: September 08, 2018, 06:22:13 PM »
See Fortinet's alerts for malware: https://urlquery.net/report/eec5c7f0-463a-4f2c-9a25-21a4652cd911
Confirmed: https://www.virustotal.com/#/url/43f0303fa4e16cd29ff7a2d3a0936895362136576aee60d7a52e1632890511ef/detection
6 to flag (flagged also index.php)
WordPress CMS outdated: https://sitecheck.sucuri.net/results/supremeways.com and website blacklisted.
1 detected jQuery library to be retired: https://retire.insecurity.today/#!/scan/48f5adf1152598868bb803b60ffff8bc1c4ddf58c3060cdb1147d96b429f8d11
27 security errors flagged here: https://webhint.io/scanner/0f751d47-e1cc-4885-bb3e-5b391a62e7d4
On CMS: Warning: User Enumeration is possible

The first two user IDs were tested to determine if user enumeration is possible.

ID   User   Login
1   None   adminius24
2   None   None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring, as this will reduce the chance of automated password attackers gaining access. However, it is important to understand that if the author archives are enabled, it is usually possible to enumerate all users within a WordPress installation.

Loaded resources found OK -> https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=c3VwfXtte3d8eXMuXl1t~enc

errors in code:
Quote
(element) -supremeways.com/undefined /   suspicious: maxruntime exceeded 10 seconds (incomplete)
&   (script) -supremeways.com/wp-content/themes/clean-corporate/third-party/sidr/js/jquery.sidr.min.js?ver=2.2.1
     status: (referer=-supremeways.com/)saved 7034 bytes 57c359f422507358cd667f4119bd54086a1e842d
     info: [decodingLevel=0] found JavaScript
     error: line:6: TypeError: invalid 'in' operand b
     file: 57c359f422507358cd667f4119bd54086a1e842d: 7034 bytes
&
[script] -supremeways.com/wp-includes/js/wp-embed.min.js?ver=4.7.11
     info: [decodingLevel=0] found JavaScript
     error: undefined function b.attachEvent
     error: undefined variable b
     info: [element] URL=-supremeways.com/undefined
     info: [1] no JavaScript
     file: 3e705584b3d8291eab9261b43e6afdadc561cad7: 27724 bytes
     file: 9bbba02326099b6cf3cb93bde03e7055c34e8325: 75 bytes
 

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!