Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
What malware here? PHISH?
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: What malware here? PHISH? (Read 1050 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33912
malware fighter
What malware here? PHISH?
«
on:
April 19, 2015, 07:10:04 PM »
See:
https://www.virustotal.com/en/url/1cd024ec201470c42a055552f0f35321c6919be6ce0ca02b2553f22846adb50d/analysis/1429462516/
No detection:
https://sitecheck.sucuri.net/results/reiatlanta.com#sitecheck-details
Hiding Showing Elements script. But XSS vulnerability in resources: htxp://reiatlanta.com/resources/js/prettyPhoto.js
read:
http://www.fuzzysecurity.com/tutorials/14.html
(version here
3.1.2
and 3.1.3)
->
http://www.domxssscanner.com/scan?url=http%3A%2F%2Freiatlanta.com
(inner.HTML etc.)
and read why it is dangerous here:
http://www.saotn.org/prettyphoto-dom-based-xss/
source: Sys Admins of the North
Please apply the Fix for the XSS vulnerability:
https://github.com/Duncaen/prettyphoto/commit/3ef0ddfefebbcc6bbe9245f9cea87e26838e9bbc
credits here go to Duncaen
polonus
«
Last Edit: April 19, 2015, 07:15:29 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
What malware here? PHISH?