Author Topic: Just another average website with vulnerable CMS!  (Read 1545 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33973
  • malware fighter
Just another average website with vulnerable CMS!
« on: December 25, 2015, 08:48:33 PM »
Analysis of http://www.adrian-stolarski.pl/
WordPress Version
3.6.1
Version does not appear to be latest 4.4 - update now
WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.

w3-total-cache 0.9.2.4   latest release (0.9.4.1) Update required
http://www.w3-edge.com/wordpress-plugins/w3-total-cache/
all-in-one-seo-pack   latest release (2.2.7.5)
http://semperfiwebdesign.com

Warning User Enumeration is possible  :o

WOT alert: scorecard/adrian-stolarski.pl?utm_source=addon&utm_content=rw-viewsc
& http://toolbar.netcraft.com/site_report?url=http://www.adrian-stolarski.pl
Re: http://iframely.com/debug?uri=http%3A%2F%2Fwww.adrian-stolarski.pl%2F

Also condider: https://rateip.com/class/151.80.202.0/24
while observing: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.adrian-stolarski.pl%2F

Sucuri alerts: ISSUE DETECTED   DEFINITION   INFECTED URL
Internal Server Error   500-error?v1   -http://www.adrian-stolarski.pl/404testpage4525d2fdc ( View Payload )
Internal Server Error   500-error?v1   -http://www.adrian-stolarski.pl/404javascript.js ( View Payload )
Site error detected. Details: http://labs.sucuri.net/db/malware/500-error?v1
HTTP/1.1 500 Internal Server Error

2 malicious files: /jak-zachecic-dziecko-do-sprzatania/index.html
Severity:   Malicious
Reason:   Detected reference to blacklisted domain
Details:   Detected reference to malicious blacklisted domain -wielkikanion.pl *
&
/jak-zachecic-dziecko-do-sprzatania#comments
Severity:   Malicious
Reason:   Detected reference to blacklisted domain
Details:   Detected reference to malicious blacklisted domain -wielkikanion.pl *

* Avast rightfully detects as JS-Injection A[Trj]

polonus (volunteer website security analyst and website error-hunter)
« Last Edit: December 25, 2015, 08:57:02 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33973
  • malware fighter
Re: Just another average website with vulnerable CMS!
« Reply #1 on: December 26, 2015, 01:53:25 PM »
Also checked for this: Scan for HTML Injection
This scans a page for common XSS/HTML injection vulnerabilities.
Looking at -http://www.adrian-stolarski.pl/; 1 form(s) found.

HRMM; no injection found on:- http://www.adrian-stolarski.pl/; form 1
URL WAS =>-http://www.adrian-stolarski.pl?s=%3Ch1%3Esentinel%3C%2Fh1%3E

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!