« previous next »
Pages: [1]   Go Down

Author Topic: What malware detected here?  (Read 1047 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33905
  • malware fighter
What malware detected here?
« on: January 08, 2018, 10:46:24 PM »
See exported SGML document txt blacklisted detection on: http://urlquery.net/report/62d19e35-d54e-4ceb-a4aa-32e8ed3335c3
Re confirmed: https://www.virustotal.com/#/url/45cbd66166f53315173c870b52355be7372b5e4ba23a4b2c2af9e4b629b73243/details
and https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=clarkscleaningsystems.co.uk%2F&ref_sel=GSP2&ua_sel=ff&fs=1

Retirable jQuery library: http://retire.insecurity.today/#!/scan/3fae73c5a91bdb4449355b6ec70f3a1db38c1a865d672fb000c06cf56bac2d72
with error in code
Quote
undefined variable n
, a non-configurable, non-writable property (pol).

DOM-XSS links: Results from scanning URL: -http://clarkscleaningsystems.co.uk/media/jui/js/jquery.min.js
Number of sources found: 41
Number of sinks found: 17

Results from scanning URL: -http://safalaya.com/vendors/jquery/jquery.form.js
Number of sources found: 16
Number of sinks found: 18

Results from scanning URL: -http://www.canoaclubmilano.it/info.php?a%5B%5D=%3Ca%20href%3Dhttp%3A%2F%2Fminu.me%2F-mobileprices34814%3EHuawei%20Phones%3C%2Fa%3E/
Number of sources found: 1
Number of sinks found: 2

Results from scanning URL: -http://safalaya.com/vendors/jquery/jquery.form.js
Number of sources found: 38
Number of sinks found: 18

Results from scanning URL: -http://safalaya.com/vendors/jquery/jquery-ui-1.8.16.min.js
Number of sources found: 263
Number of sinks found: 17

Above code examples should be debugged using a javascript unpacker of sorts.
According to last results given above: -> -cdn.embedly.com/widgets/platform.js
delivering errors
Quote
[iframe] -safalaya.com/vendors/jquery/javascript:false;
     found JavaScript
     error: undefined variable jQuery
     error: undefined variable a.ui
     error: line:1: SyntaxError: missing ; before statement:
          error: line:1: var a.ui = 1;
          error: line:1: ....^ 

I discussed above error here: https://forum.avast.com/index.php?topic=210185.0
Consider here also: https://privacyscore.org/site/36801/
Open WPM timed out, missing protection against various attacks  ::)

polonus (volunteer website security analyst and website error-hunter)
« Last Edit: January 08, 2018, 10:53:43 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »