Author Topic: Hidden iFrame malware detected on hacked and defaced website.  (Read 1043 times)

polonus
Hidden iFrame malware detected on hacked and defaced website.
« on: February 13, 2016, 10:02:52 PM »
Checking on -http://tallerbdn.cat/cat
iframes
Any iframes? Yes there are. show.

<iframe src="http://www.youtube.com/v/X10RiXjTGvY?hl=tr_TR&amp;autoplay=1" frameborder="0" height="0" width="0"></iframe>

Detected libraries:
jquery - 1.4.4 : (active1) -http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
Info: Severity: medium
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery.prettyPhoto - 3.0 : (active1) -http://tallerbdn.cat/prettyPhoto/js/jquery.prettyPhoto.js
Info: Severity: high
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6837&cid=3
Info: Severity: high
https://github.com/scaron/prettyphoto/issues/149
https://blog.anantshri.info/forgotten_disclosure_dom_xss_prettyphoto
jquery - 1.2.6 : -http://tallerbdn.cat/javascript-carrusel/jquery_002.js
Info: Severity: medium
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
(active) - the library was also found to be active by running code
3 vulnerable libraries detected

See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Ftallerbdn.cat%2Fcat

Sucuri presents a hacked and defaced website: https://sitecheck.sucuri.net/results/tallerbdn.cat/cat
with
Possible Frontend SPOF from:

-ajax.googleapis.com -
(73%) - <script type="text/javascript" src="-http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js">

Unique IDs about your web browsing habits have been insecurely sent to third parties for 33% of trackers.
At least 6 third parties know you are on this webpage.

 -Google
 -Google
-tallerbdn.cat  -tallerbdn.cat
 -local.adguard.com (my personal adblocking solution)
 -i.hizliresim.com (because of the hack)
 -www.mustbebuilt.co.uk (an extension of mine in Google Chrome).
-> http://toolbar.netcraft.com/site_report?url=http://tallerbdn.cat

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!