IP : 13.58.121.29
Hostname : premium160.web-hosting.com
Kernel : Linux premium160.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
Disable Function : None :)
OS : Linux
----------- SCAN REPORT -----------
TimeStamp: Mon, 1 Feb 2021 11:29:15 -0500
(/usr/sbin/cxs --background --nobayes --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 50000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --qoptions Mv --report /home/batcwwjx/scanreport-batcwwjx-Feb_01_2021_11h29m.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user batcwwjx --virusscan --vmrssmax 2000000 --xtra /etc/cxs/cxs.xtra.manual)
Scanning /home/batcwwjx:
'/home/batcwwjx/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/batcwwjx]
'/home/batcwwjx/.nc_plugin/hidden'
# World writeable directory
# Scan Timeout (30 secs) while processing: '/home/batcwwjx/.trash/Born To Give - Charity Crowdfunding Responsive HTML5 Template.rar'
# Scan Timeout (30 secs) while processing: '/home/batcwwjx/.trash/BornTo.zip'
'/home/batcwwjx/.trash/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/batcwwjx]
# Scan Timeout (30 secs) while processing: '/home/batcwwjx/.trash/born-to-give.zip'
# Scan Timeout (30 secs) while processing: '/home/batcwwjx/.trash/born-to-give.zip.1'
'/home/batcwwjx/.trash/wp-content/plugins/Ultimate_VC_Addons/presets/Ultimate_Google_Maps.php'
# Universal decode regex match = [universal decoder]
'/home/batcwwjx/.trash/wp-content/plugins/clearfy/clearfy.php'
# Script version check [OLD] [Webcraftic Clearfy – WordPress optimization plugin v1.8.0 < v1.8.2]
'/home/batcwwjx/.trash/wp-content/plugins/elementor/elementor.php'
# Script version check [OLD] [Elementor v3.0.14 < v3.0.15]
'/home/batcwwjx/.trash/wp-content/plugins/litespeed-cache/litespeed-cache.php'
# Script version check [OLD] [LiteSpeed Cache v3.5.2 < v3.6.1]
'/home/batcwwjx/.trash/wp-content/plugins/wp-smushit/wp-smush.php'
# Script version check [OLD] [Smush v3.7.3 < v3.8.2]
'/home/batcwwjx/.trash/wp-content.2/plugins/w3-total-cache/CdnEngine_Ftp.php'
# Regular expression match = [\n(?!\s*(//|\#|\*)).*\.ssh/]
'/home/batcwwjx/.trash/wp-content.2/uploads'
# World writeable directory
'/home/batcwwjx/.trash/wp-includes/version.php'
# Script version check [OLD] [Wordpress v5.5.3 < v5.6]
'/home/batcwwjx/.trash/wp-includes.1/version.php'
# Script version check [OLD] [Wordpress v5.5.3 < v5.6]
'/home/batcwwjx/old/.cagefs/opt/alt/php52/link/conf'
# Symlink to [/opt/alt/php52/etc/php.d]
'/home/batcwwjx/old/.cagefs/opt/alt/php53/link/conf'
# Symlink to [/opt/alt/php53/etc/php.d]
'/home/batcwwjx/old/.cagefs/opt/alt/php54/link/conf'
# Symlink to [/opt/alt/php54/etc/php.d]
'/home/batcwwjx/old/.cagefs/opt/alt/php55/link/conf'
# Symlink to [/opt/alt/php55/etc/php.d]
'/home/batcwwjx/old/.cagefs/opt/alt/php56/link/conf'
# Symlink to [/opt/alt/php56/etc/php.d]
'/home/batcwwjx/old/.cagefs/opt/alt/php70/link/conf'
# Symlink to [/opt/alt/php70/etc/php.d]
'/home/batcwwjx/old/.cagefs/opt/alt/php71/link/conf'
# Symlink to [/opt/alt/php71/etc/php.d]
'/home/batcwwjx/old/.cagefs/opt/alt/php72/link/conf'
# Symlink to [/etc/cl.php.d/alt-php72]
'/home/batcwwjx/old/.cagefs/opt/alt/php73/link/conf'
# Symlink to [/opt/alt/php73/etc/php.d]
'/home/batcwwjx/old/.cagefs/opt/alt/php74/link/conf'
# Symlink to [/opt/alt/php74/etc/php.d]
'/home/batcwwjx/old/.cagefs/tmp/.s.PGSQL.5432'
# Symlink to [/var/run/postgres/.s.PGSQL.5432]
'/home/batcwwjx/old/.cagefs/tmp/mysql.sock'
# Symlink to [/var/lib/mysql/mysql.sock]
'/home/batcwwjx/old/.cagefs/var/cache'
# World writeable directory
'/home/batcwwjx/old/.cagefs/var/cache/php-eaccelerator'
# World writeable directory
'/home/batcwwjx/old/.cagefs/var/php'
# World writeable directory
'/home/batcwwjx/old/.cagefs/var/php/apm'
# World writeable directory
'/home/batcwwjx/old/.cagefs/var/php/apm/db'
# World writeable directory
'/home/batcwwjx/old/.cagefs/var/run/screen'
# World writeable directory
'/home/batcwwjx/old/.trash/wp-content/plugins/autoptimize/autoptimize.php'
# Script version check [OLD] [Autoptimize v2.7.8 < v2.8.1]
'/home/batcwwjx/old/.trash/wp-content/plugins/contact-form-7/wp-contact-form-7.php'
# Script version check [OLD] [Contact Form 7 v5.3 < v5.3.2]
'/home/batcwwjx/old/.trash/wp-content/plugins/duplicator/duplicator.php'
# Script version check [OLD] [Duplicator v1.3.38 < v1.3.40.1]
'/home/batcwwjx/old/.trash/wp-content/plugins/elementor/elementor.php'
# Script version check [OLD] [Elementor v3.0.13 < v3.0.15]
'/home/batcwwjx/old/.trash/wp-content/plugins/kirki/kirki.php'
# Script version check [OLD] [Kirki Customizer Framework v3.1.5 < v3.1.6]
'/home/batcwwjx/old/.trash/wp-content/plugins/litespeed-cache/litespeed-cache.php'
# Script version check [OLD] [LiteSpeed Cache v3.5.2 < v3.6.1]
'/home/batcwwjx/old/.trash/wp-content/plugins/ultimate-member/ultimate-member.php'
# Script version check [OLD] [Ultimate Member v2.1.12 < v2.1.15]
'/home/batcwwjx/old/.trash/wp-content/plugins/woocommerce/woocommerce.php'
# Script version check [OLD] [WooCommerce v4.6.2 < v4.8.0]
'/home/batcwwjx/old/.trash/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/batcwwjx/old/.trash/wp-content/plugins/wp-smushit/wp-smush.php'
# Script version check [OLD] [Smush v3.7.1 < v3.8.2]
'/home/batcwwjx/old/.trash/wp-includes/version.php'
# Script version check [OLD] [Wordpress v5.5.3 < v5.6]
'/home/batcwwjx/old/public_html/wp-content/plugins/clearfy/clearfy.php'
# Script version check [OLD] [Webcraftic Clearfy – WordPress optimization plugin v1.8.0 < v1.8.2]
'/home/batcwwjx/old/public_html/wp-content/plugins/elementor/elementor.php'
# Script version check [OLD] [Elementor v3.0.14 < v3.0.15]
'/home/batcwwjx/old/public_html/wp-content/plugins/litespeed-cache/litespeed-cache.php'
# Script version check [OLD] [LiteSpeed Cache v3.5.2 < v3.6.1]
'/home/batcwwjx/old/public_html/wp-content/plugins/wp-smushit/wp-smush.php'
# Script version check [OLD] [Smush v3.7.3 < v3.8.2]
'/home/batcwwjx/old/public_html/wp-includes/version.php'
# Script version check [OLD] [Wordpress v5.5.3 < v5.6]
'/home/batcwwjx/ozdac.org/.tmb'
# World writeable directory
'/home/batcwwjx/ozdac.org/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/batcwwjx/ozdac.org/wp-content/plugins/wp-file-manager/lib/codemirror/mode/clike/index.html'
# Suspicious file type [application/x-c]
'/home/batcwwjx/public_html/cpanel.php'
# Decode regex match = [decode regex: 1]
'/home/batcwwjx/public_html/luisX.php'
# Universal decode regex match = [universal decoder]
# Decode regex match = [decode regex: 1]
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
'/home/batcwwjx/public_html/.tmb'
# World writeable directory
'/home/batcwwjx/public_html/wp-content/plugins/duplicator/duplicator.php'
# Universal decode regex match = [universal decoder]
'/home/batcwwjx/public_html/wp-content/plugins/woocommerce/vendor/maxmind-db/reader/ext/maxminddb.c'
# Suspicious file type [application/x-c]
'/home/batcwwjx/public_html/wp-content/plugins/wp-file-manager/lib/codemirror/mode/clike/index.html'
# Suspicious file type [application/x-c]
'/home/batcwwjx/public_html/wp-content/uploads/2021/01/6Hg8Bf'
# Linux Binary/Executable [application/x-executable]
'/home/batcwwjx/public_html/wp-content/uploads/2021/01/Stub_Linux_amd64.test'
# Linux Binary/Executable [application/x-executable]
'/home/batcwwjx/public_html/wp-content/uploads/2021/01/tbkegngrm.php'
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match] [PHP Exploit [P1619]]
----------- SCAN SUMMARY -----------
Scanned directories: 15724
Scanned files: 97227
Ignored items: 3598
Suspicious matches: 60
Viruses found: 0
Fingerprint matches: 1
Data scanned: 2512.65 MB
Scan peak memory: 266080 kB
Scan time/item: 0.024 sec
Scan time: 2727.228 sec
/home/batcwwjx/johnsnowanalytics.monster/../scanreport-batcwwjx-Feb_01_2021_11h29m.txt