Author Topic: Another website amidst a real tsunami wave of PHISHING...  (Read 416 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31534
  • malware fighter
Another website amidst a real tsunami wave of PHISHING...
« on: January 12, 2019, 11:11:04 PM »
See blacklisted for that reason: https://urlquery.net/report/1c5d4ff4-3f4c-4897-b45e-453e73fdf138
What is bootstrap.js doing here? -> https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=bXtudF19Zn17W2dodC5eXS56fGA%3D~enc
263 hints for improvement of that site: https://webhint.io/scanner/82d5060c-bb8f-41bd-abae-bd98a864a297
Main threats reported here: https://webscan.upguard.com/#/http://mentorfreight.co.za

Vulnerable with bootstrap v.3.3.4 - Scan results of URL: htxp://localtimes.info/world_clock2.html?&cp1_Hex=000000&cp2_Hex=FFFFFF&cp3_Hex=000000&fwdt=110&ham=0&hbg=1&hfg=0&sid=0&mon=0&wek=0&wkf=0&sep=0&widget_number=11000&lcid=UKXX0085,CHXX0008,FRXX0076,USCA0638,USNY0996,INXX0087,ASXX0112
Number of sources found: 46 ; number of sinks found: 33  Just like we assumed,

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31534
  • malware fighter
Re: Another website amidst a real tsunami wave of PHISHING...
« Reply #1 on: January 13, 2019, 06:05:22 PM »
On the XSS in data-target attribute for bootstrap.js:

Bootstrap.js is vulnerable here because of
Quote
return $(target)
in the code.
Read: https://github.com/twbs/bootstrap/issues/20184
See: https://retire.insecurity.today/#!/scan/9727271311f3e7c1d9a71eac683bb7705dd1518e842ced17c5001162e16d6db0

Bootstrap v3.3.4 is no longer developed or supported. All work has moved onto next major release, v4. (info credits go to mdo&team)

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31534
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!