Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Yandex blacklisted site - risks from outdated PHP etc.
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Yandex blacklisted site - risks from outdated PHP etc. (Read 839 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Yandex blacklisted site - risks from outdated PHP etc.
«
on:
October 10, 2015, 06:21:18 PM »
The site was found for unblocking here:
http://unblk.net/unblock
Is that a sign of possible abuse?
Yandex has the site blacklisted:
https://www.virustotal.com/nl/url/5e810f330c0305de5127827bd261f64179312a8a97f04c46482c64aecc092838/analysis/1444492405/
No alerts here:
https://urlquery.net/report.php?id=1444492529044
But the IP has been found to harbor info stealers and local FTP client software credentials harvesters. etc.
See:
http://www.domxssscanner.com/scan?url=http%3A%2F%2Ftriton.url.com.tw%2Fsq%2Fsrc%2Flogin.php
Insecure Web Mail log-in detected: Welcome to mOffice - 登入 padlock icon
-triton.url.com.tw
Alerts (1)
Insecure login (1)
Password will be transmited in clear to -http://triton.url.com.tw/sq/src/redirect.php
Infos (1)
Encryption (HTTPS) (1)
Communication is NOT encrypted
Outdated PHP: HTTP Server: Apache HTTP Server
PHP Version: 5.2.17 * (Outdated)
* It is already dangerous to keep this version on production, folks.
https://www.exploit-db.com/exploits/29290/
O.K. here:
http://toolbar.netcraft.com/site_report?url=http://triton.url.com.tw
Blacklist status:
https://yandex.com/infected?l10n=en&url=7199.com.tw&redircnt=1444494036.1
polonus (volunteer website security analyst and website error-hunter)
«
Last Edit: October 10, 2015, 06:26:34 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Yandex blacklisted site - risks from outdated PHP etc.