Linux business72.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
LiteSpeed
: 162.0.229.97 | : 18.219.40.177
Cant Read [ /etc/named.conf ]
8.1.30
temmmp
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
home /
temmmp /
[ HOME SHELL ]
Name
Size
Permission
Action
.cagefs
[ DIR ]
drwxrwx--x
.cl.selector
[ DIR ]
drwxr-xr-x
.clwpos
[ DIR ]
drwx------
.cpanel
[ DIR ]
drwx------
.cphorde
[ DIR ]
drwx------
.htpasswds
[ DIR ]
drwxr-x---
.nc_plugin
[ DIR ]
drwx--x--x
.pkexec
[ DIR ]
drwxr-xr-x
.pki
[ DIR ]
drwxr-----
.razor
[ DIR ]
drwxr-xr-x
.softaculous
[ DIR ]
drwx--x--x
.spamassassin
[ DIR ]
drwx------
.subaccounts
[ DIR ]
drwx------
.system-php
[ DIR ]
drwxr-xr-x
.trash
[ DIR ]
drwx------
GCONV_PATH=.
[ DIR ]
drwxr-xr-x
abledoor.ca
[ DIR ]
drwxr-x---
access-logs
[ DIR ]
drwxr-x---
amarose-official.shop
[ DIR ]
drwxr-x---
anonmags.com
[ DIR ]
drwxr-x---
bellamattress.ca
[ DIR ]
drwxr-x---
bestdealsmart.com
[ DIR ]
drwxr-x---
besthealthsdeals.com
[ DIR ]
drwxr-x---
bin
[ DIR ]
drwxr-xr-x
binsider.bond
[ DIR ]
drwxr-x---
blog.anonmags.com
[ DIR ]
drwxr-x---
business.fleetsignsandwrap.ca
[ DIR ]
drwxr-x---
cognilux.besthealthdeals.com
[ DIR ]
drwxr-x---
etc
[ DIR ]
drwxr-x---
fleetsignsandwrap.ca
[ DIR ]
drwxr-x---
golden-revive.online
[ DIR ]
drwxr-x---
goldenreviesws.com
[ DIR ]
drwxr-x---
goldenrevivepl.us
[ DIR ]
drwxr-x---
goldenreviveplus.live
[ DIR ]
drwxr-x---
goldenreviveplus.online
[ DIR ]
drwxr-x---
goldenreviveplus.shop
[ DIR ]
drwxr-x---
goldenreviveplus.store
[ DIR ]
drwxr-x---
goldensreviveplus.com
[ DIR ]
drwxr-x---
juniorsjunkremoval.ca
[ DIR ]
drwxr-x---
kakartransport.ca
[ DIR ]
drwxr-x---
kakkartransport.ca
[ DIR ]
drwxr-x---
ladiessea.com
[ DIR ]
drwxr-x---
logs
[ DIR ]
drwx------
lscache
[ DIR ]
drwxrws---
lscmData
[ DIR ]
drwx------
magspress.com
[ DIR ]
drwxr-x---
magspunch.com
[ DIR ]
drwxr-x---
mail
[ DIR ]
drwxr-x--x
mail.kakkartransport.ca
[ DIR ]
drwxr-x---
mbbnews.me
[ DIR ]
drwxr-x---
miracleewatt.store
[ DIR ]
drwxr-x---
miraclewatt.live
[ DIR ]
drwxr-x---
neelamshadihouse.com
[ DIR ]
drwxr-x---
php
[ DIR ]
drwxr-xr-x
preetgraphic.ca
[ DIR ]
drwxr-x---
preetgraphic.in
[ DIR ]
drwxr-x---
public_ftp
[ DIR ]
drwxr-x---
public_html
[ DIR ]
drwxr-x---
rishtehirishte.ca
[ DIR ]
drwxr-x---
sign-space.ca
[ DIR ]
drwxr-xr-x
softaculous_backups
[ DIR ]
drwx--x--x
srimmigrationsolutions.ca
[ DIR ]
drwxr-x---
ssl
[ DIR ]
drwxr-xr-x
tinnitus911.site
[ DIR ]
drwxr-x---
tinnitus911.store
[ DIR ]
drwxr-x---
tmp
[ DIR ]
drwxr-xr-x
touzafair.com
[ DIR ]
drwxr-x---
touzafair.online
[ DIR ]
drwxr-xr-x
traffic.goldenreviveplus.store
[ DIR ]
drwxr-x---
upwellness.store
[ DIR ]
drwxr-x---
upwelnesss.com
[ DIR ]
drwxr-x---
vignow.shop
[ DIR ]
drwxr-x---
vigonow.shop
[ DIR ]
drwxr-x---
wehavedeals.live
[ DIR ]
drwxr-x---
wehavedeals.store
[ DIR ]
drwxr-x---
www
[ DIR ]
drwxr-x---
yournews-wire.com
[ DIR ]
drwxr-x---
yournewswired.com
[ DIR ]
drwxr-x---
yourprobiotic.shop
[ DIR ]
drwxr-x---
.bash_logout
18
B
-rw-r--r--
.bash_profile
176
B
-rw-r--r--
.bashrc
124
B
-rw-r--r--
.clamavconnector.status
199
B
-rw-r--r--
.contactemail
21
B
-rw-r-----
.ftpquota
18
B
-rw-------
.gemrc
137
B
-rw-r--r--
.last.inodes
14.5
KB
-rw-r--r--
.lastlogin
578
B
-rw-------
.mad-root
0
B
-rw-r--r--
.myimunify_id
102
B
-rw-rw----
.pearrc
589
B
-rw-r--r--
.spamassassinboxenable
0
B
-rw-r--r--
.spamassassinenable
0
B
-rw-r--r--
.zshrc
658
B
-rw-r--r--
adminer.php
465.43
KB
-rw-r--r--
anonymouswire.com.zip
280.42
MB
-rw-r--r--
pwnkit
10.99
KB
-rwxr-xr-x
scanreport-temmmp-2024-06-13T0...
56.61
KB
-rw-r--r--
scanreport-temmmp-Nov_04_2024_...
53.4
KB
-rw-r--r--
scanreport-temmmp-Oct_29_2024_...
53.94
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : scanreport-temmmp-Oct_29_2024_14h24m.txt
----------- SCAN REPORT ----------- TimeStamp: Tue, 29 Oct 2024 14:24:08 -0400 (/usr/sbin/cxs --background --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 50000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --noprobability --qoptions Mv --report /home/temmmp/scanreport-temmmp-Oct_29_2024_14h24m.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user temmmp --virusscan --vmrssmax 2000000 --waitscan 0 --xtra /etc/cxs/cxs.xtra.manual) Scanning /home/temmmp: '/home/temmmp/access-logs' # Symlink to [/etc/apache2/logs/domlogs/temmmp] '/home/temmmp/.nc_plugin/hidden' # World writeable directory '/home/temmmp/abledoor.ca/87WOZRKmnuh.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/abledoor.ca/theme-insimlh.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/amarose-official.shop/KWnTNpBhvm5.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/amarose-official.shop/theme-insgubz.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/anonmags.com/diacipiperazine.php' # ClamAV detected virus = [{HEX}php.nested.base64.652.UNOFFICIAL] '/home/temmmp/anonmags.com/ova-tools-m.php' # ClamAV detected virus = [TO-31859.WEBSHEL.RxRU7SZTl_php.MD5-c6a42a9bc20dd699d2c2629145124dfc.size-19513.UNOFFICIAL] '/home/temmmp/anonmags.com/.tmb' # World writeable directory # Scan Timeout (30 secs) while processing: '/home/temmmp/anonmags.com/wp-content/themes/jnews/plugins/revslider.zip' '/home/temmmp/anonmags.com/wp-content/uploads' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2015' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2015/03' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2015/07' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2016' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2016/03' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2017' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2017/06' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2019' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2019/12' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2020' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2020/01' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2020/02' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2020/07' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2020/12' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2022' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2022/10' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2022/11' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2023' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2023/01' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2023/08' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2023/09' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2023/12' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2024' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2024/01' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2024/02' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2024/03' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2024/04' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2024/05' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2024/06' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2024/07' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2024/08' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2024/09' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/2024/10' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/elementor' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/elementor/css' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/elementor/thumbs' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/evf-logs' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/js_composer' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/wp-file-manager-pro' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/wp-file-manager-pro/fm_backup' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/wpcode' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/wpcode/cache' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/wpcode/cache/library' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/wpforms' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/wpforms/cache' # World writeable directory '/home/temmmp/anonmags.com/wp-content/uploads/wpforms/themes' # World writeable directory '/home/temmmp/bellamattress.ca/wp-admin/network/theme-insmwga.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/bellamattress.ca/wp-content/plugins/click-to-chat-for-whatsapp/new/admin/class-ht-ctc-admin-main-page.php' # Universal decode regex match = [universal decoder] '/home/temmmp/bellamattress.ca/wp-content/plugins/woocommerce/includes/admin/class-wc-admin-menus.php' # Universal decode regex match = [universal decoder] '/home/temmmp/bellamattress.ca/wp-content/plugins/woocommerce/src/Internal/Admin/WcPayWelcomePage.php' # Universal decode regex match = [universal decoder] '/home/temmmp/bellamattress.ca/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/temmmp/bellamattress.ca/wp-content/uploads' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2023' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2023/07' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2023/08' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2023/09' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2023/10' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2023/11' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2023/12' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2024' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2024/01' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2024/02' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2024/03' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2024/04' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2024/05' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2024/06' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/2024/07' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/elementor' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/elementor/css' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/elementor/thumbs' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/template-kits' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/template-kits/5b754ec80fc3d871c98e374c1cbd1035' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/wc-logs' # World writeable directory '/home/temmmp/bellamattress.ca/wp-content/uploads/woocommerce_uploads' # World writeable directory '/home/temmmp/bellamattress.ca/wp-includes/kSy5BIUlAfn.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/bellamattress.ca/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.5.5 < v6.6.2] '/home/temmmp/besthealthsdeals.com/wp-content/plugins/coming-soon/app/routes.php' # Universal decode regex match = [universal decoder] '/home/temmmp/binsider.bond/aHSoX4jCKYR.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/binsider.bond/theme-insudcr.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/binsider.bond/.tmb' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-admin/network/theme-inscfdw.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/blog.anonmags.com/wp-content/plugins/woocommerce/includes/admin/class-wc-admin-menus.php' # Universal decode regex match = [universal decoder] '/home/temmmp/blog.anonmags.com/wp-content/plugins/woocommerce/src/Internal/Admin/WcPayWelcomePage.php' # Universal decode regex match = [universal decoder] '/home/temmmp/blog.anonmags.com/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/temmmp/blog.anonmags.com/wp-content/uploads' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2023' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2023/12' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2024' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2024/01' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2024/02' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2024/03' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2024/04' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2024/05' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2024/06' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2024/07' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2024/08' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2024/09' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/2024/10' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/elementor' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/wc-logs' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/woocommerce_uploads' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-content/uploads/wpcf7_uploads' # World writeable directory '/home/temmmp/blog.anonmags.com/wp-includes/9GODqtb1rW3.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/business.fleetsignsandwrap.ca/wp-admin/network/theme-inshtes.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/business.fleetsignsandwrap.ca/wp-content/uploads/js_composer' # World writeable directory '/home/temmmp/business.fleetsignsandwrap.ca/wp-includes/n2lX5rwqu67.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/fleetsignsandwrap.ca/wp-admin/network/theme-inslvoy.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/fleetsignsandwrap.ca/wp-content/plugins/woocommerce/includes/admin/class-wc-admin-menus.php' # Universal decode regex match = [universal decoder] '/home/temmmp/fleetsignsandwrap.ca/wp-content/plugins/woocommerce/src/Internal/Admin/WcPayWelcomePage.php' # Universal decode regex match = [universal decoder] '/home/temmmp/fleetsignsandwrap.ca/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/temmmp/fleetsignsandwrap.ca/wp-includes/DLouwdGiHeP.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/fleetsignsandwrap.ca/wp-includes/blocks/post-author-name/odrn9h/index.php' # Universal decode regex match = [universal decoder] '/home/temmmp/golden-revive.online/theme-insyvjh.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/golden-revive.online/zAe1BFoyrRO.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/goldenreviesws.com/wp-admin/network/theme-insyskq.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/goldenreviesws.com/wp-content/plugins/coming-soon/app/routes.php' # Universal decode regex match = [universal decoder] '/home/temmmp/goldenreviesws.com/wp-content/uploads' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2023' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2023/07' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2023/08' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2023/09' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2023/10' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2023/11' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2023/12' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2024' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2024/01' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2024/02' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2024/03' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2024/04' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2024/05' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2024/06' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2024/07' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/2024/08' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/seedprod-help-docs' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/wpcode' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/wpcode/cache' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-content/uploads/wpcode/cache/library' # World writeable directory '/home/temmmp/goldenreviesws.com/wp-includes/iowdCF2M3Ty.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/goldenreviesws.com/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.6.1 < v6.6.2] '/home/temmmp/goldenrevivepl.us/E5eajXosDN3.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/goldenrevivepl.us/theme-insytaz.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/goldenreviveplus.live/IjvftJr1owO.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/goldenreviveplus.live/theme-insugpa.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/goldenreviveplus.online/wp-admin/network/theme-insmogl.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/goldenreviveplus.online/wp-content/plugins/all-in-one-seo-pack/all_in_one_seo_pack.php' # Script version check [OLD] [All in One SEO v4.6.0 < v4.6.2] '/home/temmmp/goldenreviveplus.online/wp-content/plugins/all-in-one-seo-pack/app/Common/Views/admin/settings-page.php' # Universal decode regex match = [universal decoder] '/home/temmmp/goldenreviveplus.online/wp-content/plugins/coming-soon/app/routes.php' # Universal decode regex match = [universal decoder] '/home/temmmp/goldenreviveplus.online/wp-content/plugins/wpforms-lite/wpforms.php' # Script version check [OLD] [WPForms Lite v1.8.7.2 < v1.8.8.3] '/home/temmmp/goldenreviveplus.online/wp-content/uploads' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2023' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2023/03' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2023/04' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2023/05' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2023/06' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2023/07' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2023/08' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2023/09' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2023/10' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2023/11' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2023/12' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2024' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2024/01' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2024/02' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2024/03' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/2024/04' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/seedprod-help-docs' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/wpforms' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-content/uploads/wpforms/cache' # World writeable directory '/home/temmmp/goldenreviveplus.online/wp-includes/fgjM3SIeRks.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/goldenreviveplus.online/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.4.4 < v6.6.2] '/home/temmmp/goldenreviveplus.shop/wp-admin/network/theme-instwhp.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/goldenreviveplus.shop/wp-content/plugins/coming-soon/app/routes.php' # Universal decode regex match = [universal decoder] '/home/temmmp/goldenreviveplus.shop/wp-content/plugins/indexnow/admin/class-indexnow-url-submission-admin.php' # Universal decode regex match = [universal decoder] '/home/temmmp/goldenreviveplus.shop/wp-content/uploads' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2022' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2022/05' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2022/06' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2022/07' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2022/08' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2022/09' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2022/10' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2022/11' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2022/12' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/01' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/02' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/03' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/04' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/05' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/06' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/07' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/08' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/09' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/10' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/11' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2023/12' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2024' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2024/01' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2024/02' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2024/03' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2024/04' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/2024/05' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/ig-logs' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/seedprod-help-docs' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/wpcode' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/wpcode/cache' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-content/uploads/wpcode/cache/library' # World writeable directory '/home/temmmp/goldenreviveplus.shop/wp-includes/C3VwvSxLIMj.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/goldenreviveplus.shop/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.5.3 < v6.6.2] '/home/temmmp/goldenreviveplus.store/Ie6surgkwif.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/goldenreviveplus.store/theme-inspgke.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/goldensreviveplus.com/.tmb' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-admin/network/theme-insimzo.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/goldensreviveplus.com/wp-content/plugins/coming-soon/app/routes.php' # Universal decode regex match = [universal decoder] '/home/temmmp/goldensreviveplus.com/wp-content/plugins/indexnow/admin/class-indexnow-url-submission-admin.php' # Universal decode regex match = [universal decoder] '/home/temmmp/goldensreviveplus.com/wp-content/plugins/wp-asset-clean-up/templates/meta-box-loaded-assets/view-by-location.php' # Universal decode regex match = [universal decoder] '/home/temmmp/goldensreviveplus.com/wp-content/plugins/wp-asset-clean-up/vendor/composer/content.php' # Universal decode regex match = [universal decoder] # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]] '/home/temmmp/goldensreviveplus.com/wp-content/uploads' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2022' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2022/11' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2022/12' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/01' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/02' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/03' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/04' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/05' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/06' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/07' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/08' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/09' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/10' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/11' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2023/12' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2024' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2024/01' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2024/02' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2024/03' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2024/04' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2024/05' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2024/06' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2024/07' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2024/08' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2024/09' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/2024/10' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/elementor' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/elementor/css' # World writeable directory '/home/temmmp/goldensreviveplus.com/wp-content/uploads/seedprod-help-docs' # World writeable directory # Scan Timeout (30 secs) while processing: '/home/temmmp/goldensreviveplus.com/wp-content/wpvividbackups/goldenreviveplus.store_wpvivid-6406d34f95186_2023-03-07-06-01_backup_all.zip' '/home/temmmp/goldensreviveplus.com/wp-includes/YVbQcHvZkP3.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/goldensreviveplus.com/wp-includes/blocks/post-comments-form/wp-login.php' # Universal decode regex match = [universal decoder] # (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]] '/home/temmmp/juniorsjunkremoval.ca/dOPHT6cVSf4.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/juniorsjunkremoval.ca/theme-insizws.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/kakartransport.ca/Eh2q9uRoc3i.php' # Known exploit = [Fingerprint Match (fp)] [PHP EVAL Exploit [P2185]] '/home/temmmp/kakartransport.ca/cH8Eb5kLWxs.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/kakartransport.ca/rpv4UwxFt18.php' # ClamAV detected virus = [TO-33072.WEBSHELL.793747c4-d156-42f9-83c3-451b5fc3b075.php.MD5-63bbd02c13b575ea5f33d66c766b4d69.size-165581.UNOFFICIAL] '/home/temmmp/kakartransport.ca/theme-inskmsf.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/kakkartransport.ca/.tmb' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-admin/network/theme-inscfrq.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/kakkartransport.ca/wp-content/plugins/google-listings-and-ads/vendor/phpseclib/phpseclib/phpseclib/Crypt/DSA/42gaeo/index.php' # Universal decode regex match = [universal decoder] '/home/temmmp/kakkartransport.ca/wp-content/plugins/google-listings-and-ads/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php' # Universal decode regex match = [universal decoder] '/home/temmmp/kakkartransport.ca/wp-content/plugins/google-listings-and-ads/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php' # Universal decode regex match = [universal decoder] '/home/temmmp/kakkartransport.ca/wp-content/plugins/mailpoet/lib/Config/Menu.php' # Universal decode regex match = [universal decoder] '/home/temmmp/kakkartransport.ca/wp-content/plugins/tiktok-for-business/admin/Tt4b_Menu_Class.php' # Universal decode regex match = [universal decoder] '/home/temmmp/kakkartransport.ca/wp-content/plugins/woocommerce/assets/images/block-placeholders/k91vay/index.php' # Universal decode regex match = [universal decoder] '/home/temmmp/kakkartransport.ca/wp-content/plugins/woocommerce/includes/admin/class-wc-admin-menus.php' # Universal decode regex match = [universal decoder] '/home/temmmp/kakkartransport.ca/wp-content/plugins/woocommerce/src/Internal/Admin/WcPayWelcomePage.php' # Universal decode regex match = [universal decoder] '/home/temmmp/kakkartransport.ca/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/temmmp/kakkartransport.ca/wp-content/plugins/woocommerce-payments/includes/admin/class-wc-payments-admin.php' # Universal decode regex match = [universal decoder] '/home/temmmp/kakkartransport.ca/wp-content/uploads' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2023' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2023/04' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2023/06' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2023/12' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2024' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2024/01' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2024/02' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2024/03' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2024/04' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2024/05' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2024/06' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2024/07' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2024/08' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2024/09' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/2024/10' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/elementor' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/elementor/css' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/mailpoet' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/wc-logs' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/woocommerce_uploads' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-content/uploads/wpcf7_uploads' # World writeable directory '/home/temmmp/kakkartransport.ca/wp-includes/EzYOWSDB6do.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/ladiessea.com/wp-admin/network/theme-insnexi.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/ladiessea.com/wp-content/plugins/coming-soon/app/routes.php' # Universal decode regex match = [universal decoder] '/home/temmmp/ladiessea.com/wp-content/uploads' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2023' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2023/09' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2023/10' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2023/11' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2023/12' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2024' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2024/01' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2024/02' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2024/03' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2024/04' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2024/05' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2024/06' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2024/07' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2024/08' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/2024/09' # World writeable directory '/home/temmmp/ladiessea.com/wp-content/uploads/seedprod-help-docs' # World writeable directory '/home/temmmp/ladiessea.com/wp-includes/GEqN8a4ehuD.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/ladiessea.com/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.6.1 < v6.6.2] '/home/temmmp/lscache/0/b/b/0bb1a86353a86540' # ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL] '/home/temmmp/lscache/4/9/5/495d2a6645167241' # ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL] '/home/temmmp/lscache/b/3/2/b328319d42ed19b4' # ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL] '/home/temmmp/lscache/c/1/1/c11a10cc15a9bf8f' # ClamAV detected virus = [{HEX}php.malware.magento.597.UNOFFICIAL] '/home/temmmp/lscache/c/8/9/c89fa84848c22dae' # ClamAV detected virus = [YARA.r57shell_php_php.UNOFFICIAL] '/home/temmmp/lscache/d/8/b/d8b21983a9533dab' # ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL] '/home/temmmp/lscache/f/1/3/f13c5a48551942ab' # ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL] '/home/temmmp/lscache/f/4/4/f4462ed330cf0b76' # ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL] '/home/temmmp/magspress.com/E9SrKftgkux.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/magspress.com/theme-insrhjv.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/magspress.com/.tmb' # World writeable directory '/home/temmmp/magspunch.com/C7nutsRcdgS.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/magspunch.com/theme-inshrjz.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/mail/new' # Skipped - too many resources: 71066 ( > filemax=50000) '/home/temmmp/mail.kakkartransport.ca/sWC8PKFv7Lo.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/mail.kakkartransport.ca/theme-insscgq.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/mail.kakkartransport.ca/data/_data_' # World writeable directory '/home/temmmp/mail.kakkartransport.ca/data/_data_/_default_' # World writeable directory '/home/temmmp/mail.kakkartransport.ca/data/_data_/_default_/configs' # World writeable directory '/home/temmmp/mail.kakkartransport.ca/data/_data_/_default_/domains' # World writeable directory '/home/temmmp/mbbnews.me/URMprtO4cKl.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/mbbnews.me/theme-inshoid.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/mbbnews.me/.tmb' # World writeable directory '/home/temmmp/miracleewatt.store/wp-admin/network/theme-inseizk.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/miracleewatt.store/wp-content/plugins/akismet/akismet.php' # Script version check [OLD] [Akismet Anti-spam: Spam Protection v5.3.1 < v5.3.2] '/home/temmmp/miracleewatt.store/wp-content/plugins/coming-soon/coming-soon.php' # Script version check [OLD] [Coming Soon Page, Maintenance Mode, Landing Pages & WordPress Website Builder by v6.15.23 < v6.17.4] '/home/temmmp/miracleewatt.store/wp-content/plugins/coming-soon/app/routes.php' # Universal decode regex match = [universal decoder] '/home/temmmp/miracleewatt.store/wp-content/plugins/loginizer/loginizer.php' # Script version check [OLD] [Loginizer v1.8.3 < v1.8.4] '/home/temmmp/miracleewatt.store/wp-content/uploads' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023/02' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023/03' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023/04' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023/05' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023/06' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023/07' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023/08' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023/09' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023/10' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023/11' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2023/12' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2024' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2024/01' # World writeable directory '/home/temmmp/miracleewatt.store/wp-content/uploads/2024/02' # World writeable directory '/home/temmmp/miracleewatt.store/wp-includes/8l3t1iOez9u.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/miracleewatt.store/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.4.3 < v6.6.2] '/home/temmmp/miraclewatt.live/j5Pc7p1sZaV.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/miraclewatt.live/theme-instngr.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/neelamshadihouse.com/fG5FxzkcLdt.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/neelamshadihouse.com/theme-insxmws.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/preetgraphic.ca/k7bMVdjInvt.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/preetgraphic.ca/theme-inssipv.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/preetgraphic.ca/.tmb' # World writeable directory '/home/temmmp/preetgraphic.in/YgQNuISJwBU.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/preetgraphic.in/theme-insadle.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/public_html/.tmb' # World writeable directory '/home/temmmp/public_html/wp-content/plugins/hash-form/admin/classes/HashFormBuilder.php' # Universal decode regex match = [universal decoder] '/home/temmmp/public_html/wp-content/plugins/seo-by-rank-math/includes/admin/class-serp-preview.php' # Universal decode regex match = [universal decoder] '/home/temmmp/public_html/wp-content/plugins/woocommerce/includes/admin/class-wc-admin-menus.php' # Universal decode regex match = [universal decoder] '/home/temmmp/public_html/wp-content/plugins/woocommerce/src/Internal/Admin/WcPayWelcomePage.php' # Universal decode regex match = [universal decoder] '/home/temmmp/public_html/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/temmmp/public_html/wp-content/plugins/wp-file-manager/lib/codemirror/mode/clike/index.html' # Suspicious file type [application/x-c] '/home/temmmp/public_html/wp-content/plugins/wp-optimize/includes/class-wp-optimize-admin.php' # Universal decode regex match = [universal decoder] '/home/temmmp/public_html/wp-content/themes/viral-mag/welcome/welcome.php' # Universal decode regex match = [universal decoder] '/home/temmmp/public_html/wp-content/uploads' # World writeable directory '/home/temmmp/public_html/wp-content/uploads/2022' # World writeable directory '/home/temmmp/public_html/wp-content/uploads/2022/11' # World writeable directory '/home/temmmp/public_html/wp-content/uploads/2024' # World writeable directory '/home/temmmp/public_html/wp-content/uploads/2024/09' # World writeable directory '/home/temmmp/public_html/wp-content/uploads/2024/10' # World writeable directory '/home/temmmp/public_html/wp-content/uploads/elementor' # World writeable directory '/home/temmmp/public_html/wp-content/uploads/elementor/css' # World writeable directory '/home/temmmp/public_html/wp-content/uploads/wc-logs' # World writeable directory '/home/temmmp/public_html/wp-content/uploads/woocommerce_uploads' # World writeable directory '/home/temmmp/public_html/wp-content/uploads/wpo' # World writeable directory '/home/temmmp/public_html/wp-content/uploads/wpo/logs' # World writeable directory '/home/temmmp/rishtehirishte.ca/pafgiLBKzUr.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/rishtehirishte.ca/theme-insoptv.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/rishtehirishte.ca/files/resized/699316/ft8k5l/index.php' # Universal decode regex match = [universal decoder] '/home/temmmp/sign-space.ca/BkseahIdJAV.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/sign-space.ca/aJSMpxbdLuW.php' # Known exploit = [Fingerprint Match (fp)] [PHP EVAL Exploit [P2185]] '/home/temmmp/sign-space.ca/theme-inslnro.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/sign-space.ca/zQAhUCq9lRF.php' # Known exploit = [Fingerprint Match (fp)] [PHP Spammer Exploit [P1305]] # Scan Timeout (30 secs) while processing: '/home/temmmp/softaculous_backups/wp.26_37762.2024-10-28_04-11-35.tar.gz' # Scan Timeout (30 secs) while processing: '/home/temmmp/softaculous_backups/wp.26_97078.2024-10-29_04-40-33.tar.gz' '/home/temmmp/srimmigrationsolutions.ca/CNXQdx2iD9s.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/srimmigrationsolutions.ca/theme-insnzdl.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/tinnitus911.site/FXUNxl4pJYv.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/tinnitus911.site/theme-insnoih.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/tinnitus911.store/IA5vnuFZjqt.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/tinnitus911.store/theme-insuxwd.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/touzafair.com/wp-admin/network/theme-insidzn.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/touzafair.com/wp-content/plugins/elementor/modules/floating-buttons/documents/mvrh63/index.php' # Universal decode regex match = [universal decoder] '/home/temmmp/touzafair.com/wp-content/plugins/fast-indexing-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php' # Universal decode regex match = [universal decoder] '/home/temmmp/touzafair.com/wp-content/plugins/fast-indexing-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php' # Universal decode regex match = [universal decoder] '/home/temmmp/touzafair.com/wp-content/plugins/litespeed-cache/lib/l86rav/index.php' # ClamAV detected virus = [{HEX}php.nested.base64.663.UNOFFICIAL] '/home/temmmp/touzafair.com/wp-content/plugins/seo-by-rank-math/includes/admin/class-serp-preview.php' # Universal decode regex match = [universal decoder] '/home/temmmp/touzafair.com/wp-content/plugins/td-composer/td-multi-purpose/td-multi-purpose.php' # Universal decode regex match = [universal decoder] '/home/temmmp/touzafair.com/wp-content/plugins/woocommerce/includes/admin/class-wc-admin-menus.php' # Universal decode regex match = [universal decoder] '/home/temmmp/touzafair.com/wp-content/plugins/woocommerce/src/Internal/Admin/WcPayWelcomePage.php' # Universal decode regex match = [universal decoder] '/home/temmmp/touzafair.com/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/temmmp/touzafair.com/wp-content/plugins/wp-file-manager/lib/codemirror/mode/clike/index.html' # Suspicious file type [application/x-c] '/home/temmmp/touzafair.com/wp-content/uploads/2023/05' # World writeable directory # Scan Timeout (30 secs) while processing: '/home/temmmp/touzafair.com/wp-content/uploads/wp-file-manager-pro/fm_backup/backup_2024_07_12_23_06_22-bb1021d8-plugins.zip' # Scan Timeout (30 secs) while processing: '/home/temmmp/touzafair.com/wp-content/uploads/wp-file-manager-pro/fm_backup/backup_2024_07_12_23_06_22-bb1021d8-themes.zip' '/home/temmmp/touzafair.com/wp-includes/3vEm45dTzce.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/touzafair.online/3PHzrx5ncs8.php' # Known exploit = [Fingerprint Match (fp)] [PHP Spammer Exploit [P1305]] '/home/temmmp/touzafair.online/TpVmAoDGxKq.php' # Known exploit = [Fingerprint Match (fp)] [PHP EVAL Exploit [P2185]] '/home/temmmp/touzafair.online/theme-inssleg.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/touzafair.online/tpcYUHs7DCf.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/traffic.goldenreviveplus.store/Cjcz87pS1dG.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/traffic.goldenreviveplus.store/theme-inslsaz.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/upwellness.store/.tmb' # World writeable directory '/home/temmmp/upwellness.store/wp-admin/network/theme-insobsl.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/upwellness.store/wp-content/plugins/coming-soon/app/routes.php' # Universal decode regex match = [universal decoder] '/home/temmmp/upwellness.store/wp-includes/nhwOtMITY7E.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/vignow.shop/7Yjo3ELtACc.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/vignow.shop/theme-insejbt.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/vigonow.shop/B6ch3xL7n4J.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/vigonow.shop/theme-insdvkn.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/wehavedeals.live/wp-admin/network/theme-insxsvb.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/wehavedeals.live/wp-content/plugins/coming-soon/app/routes.php' # Universal decode regex match = [universal decoder] '/home/temmmp/wehavedeals.live/wp-content/uploads' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2023' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2023/05' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2023/06' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2023/07' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2023/08' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2023/09' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2023/10' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2023/11' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2023/12' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2024' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2024/01' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2024/02' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2024/03' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2024/04' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/2024/05' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/seedprod-help-docs' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/wpcode' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/wpcode/cache' # World writeable directory '/home/temmmp/wehavedeals.live/wp-content/uploads/wpcode/cache/library' # World writeable directory '/home/temmmp/wehavedeals.live/wp-includes/rjaL1Rl5nBV.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/wehavedeals.live/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.5.2 < v6.6.2] '/home/temmmp/wehavedeals.store/ceFUO3CKfAG.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/wehavedeals.store/theme-inshmpn.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/yournews-wire.com/qBPKESFAR5n.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/yournews-wire.com/theme-inscszi.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/yournewswired.com/JhyGMwQSH9X.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/yournewswired.com/theme-inslxoh.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] '/home/temmmp/yourprobiotic.shop/IHr9VenKvqM.php' # (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]] '/home/temmmp/yourprobiotic.shop/theme-insptmy.php' # ClamAV detected virus = [TO-33761.WEBSHEL.nc_insadqg_php.MD5-aedca3f277a32c0d208d6316a2f6c254.size-338.UNOFFICIAL] ----------- SCAN SUMMARY ----------- Scanned directories: 42131 Scanned files: 276156 Ignored items: 1286 Suspicious matches: 472 Viruses found: 56 Fingerprint matches: 51 Data scanned: 9140.66 MB Scan peak memory: 442076 kB Scan time/item: 0.052 sec Scan time: 16449.888 sec
Close
