Author Topic: Weird scan redirecting connections and existing bootstrap vulnerabilities..  (Read 986 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
TScanned:  -https://github.githubassets.com/assets/github-bootstrap-59d11841a5c00f27.js with 333 sources and 159 sinks
opened up to -http://kak-sama.ru/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.4
and -http://kak-sama.ru/wp-includes/js/wp-embed.min.js?ver=5.0.3
For the IP I get these weaknesses: https://www.shodan.io/host/89.163.140.78

Vulnerable library there: https://retire.insecurity.today/#!/scan/13f09e10e459b4a1e44e9836efa10b668afb7483f01196e909e6e71089dba2b7
Tracking performed via  -https://usocial.pro/usocial/fingerprint2.min.js to mobili slider at:
-http://kingtrend.ru/catalog/catalog/view/javascript/jquery/owl-carousel/owl.carousel.min.js
and the vulnerability circle will close again when we again land at bottstrap.js with:
-http://kingtrend.ru/catalog/catalog/view/theme/storeset/js/bootstrap.js

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Bootstrap.js together with fingerprint.js, there may be a many security hurdle to take.

Added by having Google's Tagmanager on on the tracking job, together with a vulnerable retirable library:
-https://fingerprintjs.com/ Detected libraries: jquery - 3.3.1 : (active1) -https://fingerprintjs.com/js/jquery.min.js bootstrap - 4.2.1 : -
-https://fingerprintjs.com/js/bootstrap.min.js Info: Severity: high -https://github.com/twbs/bootstrap/issues/28236 (active) - the library was also found to be active by running code 1 vulnerable library detected. (info credits go to luntrus)

On a side line, this for finding out about your browser's rather unique fingerprint (well over 90% accuracy) -
online demo can be found here: https://valve.github.io/fingerprintjs2/
Runt through grunt on jshint.

Another nice exanple: https://codepen.io/run-time/pen/XJNXWV
Over 90% accuracy.

Repeatedly you this will result in the same and unique fingerprint, like 1*2:083*21.

How is your uniqueness, see it here: https://amiunique.org/fp (also idem/history)
just to establish how your fingerprint developed during history)

polonus (3rd part cold reconniassance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!