OwlCyberSecurity - MANAGER

Edit File: scan_15.10.2022_00-15-49_report.txt

----------- SCAN REPORT ----------- TimeStamp: Fri, 14 Oct 2022 17:17:55 -0400 (/usr/sbin/cxs --background --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 100000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --noprobability --qoptions Mv --report /home/ebaadfsa/scan_15.10.2022_00-15-49_report.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user ebaadfsa --virusscan --vmrssmax 2000000 --xtra /etc/cxs/cxs.xtra.manual) Scanning /home/ebaadfsa: '/home/ebaadfsa/.nc_plugin/hidden' # World writeable directory '/home/ebaadfsa/public_html/index.php1' # Universal decode regex match = [universal decoder] '/home/ebaadfsa/public_html/wp-content/plugins/core-builder/index.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Exploit [P1900]] '/home/ebaadfsa/public_html/wp-content/plugins/easy-side-tab-pro/js/frontend/themes.php' # Decode regex match = [decode regex: 1] # (decoded file [depth: 1]) Known exploit = [Fingerprint Match] [PHP Exploit [P1791]] '/home/ebaadfsa/public_html/wp-content/plugins/elementor/modules/elements-color-picker/admin.php' # Universal decode regex match = [universal decoder] '/home/ebaadfsa/public_html/wp-content/plugins/elementor-pro/modules/popup/display-settings/themes.php' # Decode regex match = [decode regex: 1] # (decoded file [depth: 1]) Known exploit = [Fingerprint Match] [PHP Exploit [P1791]] '/home/ebaadfsa/public_html/wp-content/plugins/elementor-pro/modules/role-manager/xmlrpcs.php' # Universal decode regex match = [universal decoder] '/home/ebaadfsa/public_html/wp-content/plugins/elementor-pro/modules/woocommerce/skins/themes.php' # Decode regex match = [decode regex: 1] # (decoded file [depth: 1]) Known exploit = [Fingerprint Match] [PHP Exploit [P1791]] '/home/ebaadfsa/public_html/wp-content/plugins/kirki/packages/kirki-framework/control-custom/themes.php' # Decode regex match = [decode regex: 1] # (decoded file [depth: 1]) Known exploit = [Fingerprint Match] [PHP Exploit [P1791]] '/home/ebaadfsa/public_html/wp-content/plugins/kirki/packages/kirki-framework/control-dashicons/locale.php' # Universal decode regex match = [universal decoder] '/home/ebaadfsa/public_html/wp-content/plugins/meta-box/css/jqueryui/defense.php' # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Exploit [P1900]] '/home/ebaadfsa/public_html/wp-content/plugins/revslider/admin/views/builder.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/revslider/includes/external-sources.class.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/revslider/includes/external/facebook.class.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/revslider/includes/external/instagram.class.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/CdnEngine_Ftp.php' # Regular expression match = [\n(?!\s*(//|\#|\*)).*\.ssh/] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/lib/Azure/MicrosoftAzureStorage/Common/uninstall.php' # Known exploit = [Fingerprint Match] [PHP Exploit [P1973]] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/lib/Google/Service/themes.php' # Decode regex match = [decode regex: 1] # (decoded file [depth: 1]) Known exploit = [Fingerprint Match] [PHP Exploit [P1791]] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/lib/Minify/Minify/JS/themes.php' # Decode regex match = [decode regex: 1] # (decoded file [depth: 1]) Known exploit = [Fingerprint Match] [PHP Exploit [P1791]] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/lib/NewRelic/xmlrpcs.php' # Universal decode regex match = [universal decoder] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/pub/js/themes.php' # Decode regex match = [decode regex: 1] # (decoded file [depth: 1]) Known exploit = [Fingerprint Match] [PHP Exploit [P1791]] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-php-sns-message-validator/tests/FunctionalValidationsTest.php' # Universal decode regex match = [universal decoder] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/AmplifyBackend/AmplifyBackendClient.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/AmplifyBackend/Exception/AmplifyBackendException.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/ApiGatewayManagementApi/ApiGatewayManagementApiClient.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/ApiGatewayManagementApi/Exception/ApiGatewayManagementApiException.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/ApiGatewayV2/ApiGatewayV2Client.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/ApiGatewayV2/Exception/ApiGatewayV2Exception.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/CodeArtifact/CodeArtifactClient.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/CodeArtifact/Exception/CodeArtifactException.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/NimbleStudio/NimbleStudioClient.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/NimbleStudio/Exception/NimbleStudioException.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/ServerlessApplicationRepository/ServerlessApplicationRepositoryClient.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/ServerlessApplicationRepository/Exception/ServerlessApplicationRepositoryException.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/kendra/kendraClient.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-content/plugins/w3-total-cache/vendor/aws/aws-sdk-php/src/kendra/Exception/kendraException.php' # Regular expression match = [\*[A-Za-z0-9]{12,130}\*] '/home/ebaadfsa/public_html/wp-includes/blocks/post-comments-form/themes.php' # Decode regex match = [decode regex: 1] # (decoded file [depth: 1]) Known exploit = [Fingerprint Match] [PHP Exploit [P1791]] '/home/ebaadfsa/public_html/wp-includes/blocks/query/index.php' # Decode regex match = [decode regex: 1] # (decoded file [depth: 1]) Known exploit = [Fingerprint Match] [PHP Exploit [P1791]] '/home/ebaadfsa/public_html/wp-includes/js/tinymce/themes.php' # Decode regex match = [decode regex: 1] # (decoded file [depth: 1]) Known exploit = [Fingerprint Match] [PHP Exploit [P1791]] '/home/ebaadfsa/public_html/wp-includes/random_compat/dilt' # Universal decode regex match = [universal decoder] ----------- SCAN SUMMARY ----------- Scanned directories: 2969 Scanned files: 17424 Ignored items: 50 Suspicious matches: 50 Viruses found: 0 Fingerprint matches: 13 Data scanned: 497.97 MB Scan peak memory: 294596 kB Scan time/item: 0.021 sec Scan time: 425.063 sec