Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Avast one of the few to detect HTML:Phishing-IC [Trj] here!
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Avast one of the few to detect HTML:Phishing-IC [Trj] here! (Read 951 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34065
malware fighter
Avast one of the few to detect HTML:Phishing-IC [Trj] here!
«
on:
August 07, 2015, 11:20:20 PM »
See:
https://www.virustotal.com/nl/url/665da4c72bef752d8cd663a101d8950938221a3a563ad0a2b436e52d6e39d26c/analysis/1438981264/
Re:
https://www.virustotal.com/nl/file/3edd1c99ef1dbdb8fabaafbb72ef2efcb9555f5e5c531d83c1aaab10e0822924/analysis/1436565814/
Outdated Joomla found: Web application version:
Joomla Version 2.5.19 found at:
http://thekhmerpage.com/administrator/manifests/files/joomla.xml
Joomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 2.5.28 or 3.4.3
OpenX ad server installed: -http://khfeed.com/banners/www/delivery/ not blocked - has adsmartzone!
Server software vulnerable, nginx/1.8.0,
https://lolware.net/2015/04/28/nginx-fuzzing.html
Joomla -> he following components were detected from the HTML source of the Joomla front page.
adsmanager
com_adsmanager
See:
http://www.domxssscanner.com/scan?url=http%3A%2F%2Fthekhmerpage.com%2Fcomponents%2Fcom_adsmanager%2Fjs%2Fjquery-1.8.0.min.js
Because of various JQuery versions we find: jQ = jQuery.noConflict(true);
link to code here is not blocked: -https://www.ads855.net/www/admin/index.php
see: -http://www.ads855.net/www/delivery/asyncjs.php -> OpenX ads server, read:
https://en.wikipedia.org/wiki/Revive_Adserver
->
http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.ads855.net%2Fwww%2Fdelivery%2Fasyncjs.php
landing here: htxp://cdn2.editmysite.com/ known for spam etc.
https://www.mywot.com/en/scorecard/cdn2.editmysite.com?utm_source=addon&utm_content=rw-viewsc
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Avast one of the few to detect HTML:Phishing-IC [Trj] here!