芝麻web文件管理V1.00
编辑当前文件:/home/lekhnath/scanreport-lekhnath-2024-06-15T15:57:22.522774.txt
----------- SCAN REPORT ----------- TimeStamp: Sat, 15 Jun 2024 11:57:24 -0400 (/usr/sbin/cxs --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 50000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --noprobability --qoptions Mv --report /home/lekhnath/scanreport-lekhnath-2024-06-15T15:57:22.522774.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user lekhnath --virusscan --vmrssmax 2000000 --waitscan 0 --xtra /etc/cxs/cxs.xtra.manual) Scanning /home/lekhnath: '/home/lekhnath/access-logs' # Symlink to [/etc/apache2/logs/domlogs/lekhnath] '/home/lekhnath/text.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/.cpanel/live-engine-connector-690XVaGNLf.sock' # Socket '/home/lekhnath/.cpanel/live-engine-connector-KNy9qSw3Cj.sock' # Socket '/home/lekhnath/.cpanel/live-engine-connector-ZZR16HXfJz.sock' # Socket '/home/lekhnath/.cpanel/live-engine-connector-afCZat25zm.sock' # Socket '/home/lekhnath/.cpanel/live-engine-connector-tpFSQfKxB3.sock' # Socket '/home/lekhnath/.cpanel/live-engine-connector-uFeVLllNkR.sock' # Socket '/home/lekhnath/.cpanel/live-engine-connector-zYj9wXN7Uy.sock' # Socket '/home/lekhnath/.nc_plugin/hidden' # World writeable directory '/home/lekhnath/.pki/nssdb/dropdown.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/.softaculous/installations.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/auto createdhoteldaybreak.com/index.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/bookyogaretreatnepal/wp-content/plugins/form-vibes/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/bookyogaretreatnepal/wp-content/plugins/form-vibes/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/bookyogaretreatnepal/wp-content/plugins/mainwp-child/libs/phpseclib/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/bookyogaretreatnepal/wp-content/plugins/mainwp-child/libs/phpseclib/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/bookyogaretreatnepal/wp-content/plugins/wp-mail-smtp/src/Admin/Area.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/bookyogaretreatnepal/wp-content/plugins/wp-mail-smtp/src/Admin/SetupWizard.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/bookyogaretreatnepal/wp-content/plugins/wp-optimize/includes/class-wp-optimize-admin.php' # Universal decode regex match = [universal decoder] # Scan Timeout (30 secs) while processing: '/home/lekhnath/bookyogaretreatnepal/wp-content/wpvividbackups/shivalayayogaashram.com_wpvivid-663903698de0d_2024-05-06-21-50_backup_all.part003.zip' '/home/lekhnath/deepakpariyar.com.np/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/deepakpariyar.com.np/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/deepakpariyar.com.np/output.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/deepakpariyar.com.np/wp-admin.php' # Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2199]] '/home/lekhnath/deepakpariyar.com.np/wp-comment.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/deepakpariyar.com.np/wp-corn-sample.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/deepakpariyar.com.np/wp-loader.php' # Known exploit = [Fingerprint Match (fp)] [PHP WP Exploit [P2193]] '/home/lekhnath/deepakpariyar.com.np/wp-logln.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/deepakpariyar.com.np/wp-ver.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/domainkeys/text.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/domainkeys/private/admin.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/domainkeys/public/about.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/domainkeys/public/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/etc/text.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/etc/cityof7lakes.com/@pwcache/n3JaKCgNQu2xUIGN.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/etc/jetsecuritysuppliers.com/about.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/etc/jetsecuritysuppliers.com/wp-login.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/etc/jetsecuritysuppliers.com/@pwcache/n3JaKCgNQu2xUIGN.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/etc/rajanpariyar.com.np/dropdown.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/etc/rajanpariyar.com.np/@pwcache/n3JaKCgNQu2xUIGN.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/etc/seedfoundation.org.np/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/etc/seedfoundation.org.np/input.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/etc/stupaeducation.edu.np/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/homedir/mail/checkbox.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/homedir/mail/themes.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/homedir/mail/cur/dropdown.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/homedir/mail/cur/n3JaKCgNQu2xUIGN.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/homedir/mail/hoteldaybreak.com/wp-login.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/homedir/mail/okchha.com/about.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/homedir/mail/okchha.com/n3JaKCgNQu2xUIGN.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/homedir/mail/tic.edu.np/dropdown.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/homedir/mail/tic.edu.np/n3JaKCgNQu2xUIGN.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/hotelyoungsstupa.com/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/hotelyoungsstupa.com/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/hotelyoungsstupa.com/index.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/hotelyoungsstupa.com/output.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/hotelyoungsstupa.com/wp-admin.php' # Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2199]] '/home/lekhnath/hotelyoungsstupa.com/wp-corn-sample.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/hotelyoungsstupa.com/wp-loader.php' # Known exploit = [Fingerprint Match (fp)] [PHP WP Exploit [P2193]] '/home/lekhnath/hotelyoungsstupa.com/wp-logln.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/hotelyoungsstupa.com/wp-ver.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/hotelyoungsstupa.com/images/resize-6x.png' # Suspicious image file (hidden script file) # Universal decode regex match = [universal decoder] '/home/lekhnath/hotelyoungsstupa.com/old/wp-includes/category-template.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/hotelyoungsstupa.com/old/wp-includes/version.php' # Script version check [OLD] [Wordpress v5.7.8 < v6.5.4] '/home/lekhnath/jetsecuritysuppliers.com/.ftpquotas' # Universal decode regex match = [universal decoder] '/home/lekhnath/jetsecuritysuppliers.com/index.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/jetsecuritysuppliers.com/images/resize-6x.png' # Suspicious image file (hidden script file) # Universal decode regex match = [universal decoder] # Clamd Error for [SCAN /home/lekhnath/jetsecuritysuppliers.com.np]: /home/lekhnath/jetsecuritysuppliers.com.np: File path check failure: No such file or directory. ERROR '/home/lekhnath/jiwanp.com.np/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/jiwanp.com.np/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/jiwanp.com.np/index.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/jiwanp.com.np/output.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/jiwanp.com.np/wp-admin.php' # Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2199]] '/home/lekhnath/jiwanp.com.np/wp-corn-sample.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/jiwanp.com.np/wp-loader.php' # Known exploit = [Fingerprint Match (fp)] [PHP WP Exploit [P2193]] '/home/lekhnath/jiwanp.com.np/wp-logln.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/jiwanp.com.np/wp-ver.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/jiwanp.com.np/images/resize-6x.png' # Suspicious image file (hidden script file) # Universal decode regex match = [universal decoder] '/home/lekhnath/jiwanpariyar.com.np/index.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/jiwanpariyar.com.np/images/resize-6x.png' # Suspicious image file (hidden script file) # Universal decode regex match = [universal decoder] '/home/lekhnath/lekhnathcity.com/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/lekhnathcity.com/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/lekhnathcity.com/output.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/lekhnathcity.com/wp-admin.php' # Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2199]] '/home/lekhnath/lekhnathcity.com/wp-corn-sample.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/lekhnathcity.com/wp-loader.php' # Known exploit = [Fingerprint Match (fp)] [PHP WP Exploit [P2193]] '/home/lekhnath/lekhnathcity.com/wp-logln.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/lekhnathcity.com/wp-ver.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/lekhnathsuddhakhanepani/wp-content/plugins/akismet/akismet.php' # Script version check [OLD] [Akismet Anti-Spam v4.1.10 < v5.3.2] '/home/lekhnath/lekhnathsuddhakhanepani/wp-content/plugins/classic-editor/classic-editor.php' # Script version check [OLD] [Classic Editor v1.6 < v1.6.3] '/home/lekhnath/lekhnathsuddhakhanepani/wp-content/plugins/coming-soon-by-supsystic/classes/installer.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/lekhnathsuddhakhanepani/wp-content/plugins/litespeed-cache/litespeed-cache.php' # Script version check [OLD] [LiteSpeed Cache v3.6.4 < v6.2.0.1] '/home/lekhnath/lekhnathsuddhakhanepani/wp-content/plugins/loginizer/loginizer.php' # Script version check [OLD] [Loginizer v1.6.6 < v1.8.4] '/home/lekhnath/lekhnathsuddhakhanepani/wp-content/plugins/password-protected/password-protected.php' # Script version check [OLD] [Password Protected v2.3 < v2.7.2] '/home/lekhnath/lekhnathsuddhakhanepani/wp-includes/version.php' # Script version check [OLD] [Wordpress v5.8.9 < v6.5.4] '/home/lekhnath/lscmData/text.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/mail/text.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/mail/.Junk/cur/input.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/mail/.hotegfnj.mail.hoteldaybreak_com.info.dovecot_index_log/index.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/mail/.hotegfnj.mail.hoteldaybreak_com.info.dovecot_list_index_log/input.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/mail/.hotegfnj.mail.hoteldaybreak_com.info.dovecot_list_index_log/cur/about.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/mail/.hotegfnj.mail.hoteldaybreak_com.info.dovecot_mailbox_log/dropdown.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/mail/.hotegfnj.mail.okchha_com.info.dovecot_index_cache/new/input.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/mail/.hotegfnj.mail.rajanpariyar_com_np.contact/cur/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/mail/.hotegfnj.mail.stupaeducation_edu_np/cur/dropdown.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/mail/.hotegfnj.mail.stupaeducation_edu_np.admission.dovecot-uidvalidity/wp-login.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/mail/.hotegfnj.mail.stupaeducation_edu_np.admission.dovecot_index_cache/tmp/input.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/mail/.hotegfnj.mail.stupaeducation_edu_np.gte.dovecot_mailbox_log/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/mail/.hotegfnj.mail.stupaeducation_edu_np.info.dovecot-uidvalidity/dropdown.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/mail/.hotegfnj.mail.stupaeducation_edu_np.reception.dovecot-acl-list/wp-login.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/mail/.hotegfnj.mail.stupaeducation_edu_np.reception.dovecot_mailbox_log/checkbox.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/newlighthss.edu.np/wp-content/plugins/nextend-smart-slider3-pro/Nextend/SmartSlider3/Storage.php' # Universal decode regex match = [universal decoder] # Scan Timeout (30 secs) while processing: '/home/lekhnath/newlighthss.edu.np/wp-content/themes/Triveni/admin/tgmpa/plugins/revslider.zip' # Clamd Error for [SCAN /home/lekhnath/problem hoteldaybreak.com]: /home/lekhnath/problem hoteldaybreak.com: File path check failure: No such file or directory. ERROR # Scan Timeout (30 secs) while processing: '/home/lekhnath/public_ftp/wordpress-6.4.3.zip' '/home/lekhnath/rajanpariyar.com.np/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/rajanpariyar.com.np/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/rajanpariyar.com.np/index.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/rajanpariyar.com.np/output.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/rajanpariyar.com.np/wp-admin.php' # Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2199]] '/home/lekhnath/rajanpariyar.com.np/wp-comment.php' # Decode regex match = [decode regex: 1] '/home/lekhnath/rajanpariyar.com.np/wp-corn-sample.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/rajanpariyar.com.np/wp-loader.php' # Known exploit = [Fingerprint Match (fp)] [PHP WP Exploit [P2193]] '/home/lekhnath/rajanpariyar.com.np/wp-logln.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/rajanpariyar.com.np/wp-ver.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/rajanpariyar.com.np/images/resize-6x.png' # Suspicious image file (hidden script file) # Universal decode regex match = [universal decoder] '/home/lekhnath/rupalake.org.np/wp-content/plugins/akismet/akismet.php' # Script version check [OLD] [Akismet Anti-Spam: Spam Protection v5.1 < v5.3.2] '/home/lekhnath/rupalake.org.np/wp-content/plugins/classic-editor/classic-editor.php' # Script version check [OLD] [Classic Editor v1.6.2 < v1.6.3] '/home/lekhnath/rupalake.org.np/wp-content/plugins/coming-soon/coming-soon.php' # Script version check [OLD] [Coming Soon Page, Maintenance Mode, Landing Pages & WordPress Website Builder by v6.15.4 < v6.17.4] '/home/lekhnath/rupalake.org.np/wp-content/plugins/coming-soon/app/routes.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/rupalake.org.np/wp-content/plugins/disable-comments/disable-comments.php' # Script version check [OLD] [Disable Comments v2.4.2 < v2.4.6] '/home/lekhnath/rupalake.org.np/wp-content/plugins/litespeed-cache/litespeed-cache.php' # Script version check [OLD] [LiteSpeed Cache v5.2.1 < v6.2.0.1] '/home/lekhnath/rupalake.org.np/wp-content/plugins/loginizer/loginizer.php' # Script version check [OLD] [Loginizer v1.7.4 < v1.8.4] '/home/lekhnath/rupalake.org.np/wp-content/plugins/wordpress-importer/wordpress-importer.php' # Script version check [OLD] [WordPress Importer v0.8 < v0.8.2] '/home/lekhnath/rupalake.org.np/wp-content/plugins/wordpress-seo/wp-seo.php' # Script version check [OLD] [Yoast SEO v15.5 < v22.7] '/home/lekhnath/rupalake.org.np/wp-content/plugins/wp-optimize/wp-optimize.php' # Script version check [OLD] [WP-Optimize - Clean, Compress, Cache v3.2.9 < v3.3.2] '/home/lekhnath/rupalake.org.np/wp-content/plugins/wp-optimize/includes/class-wp-optimize-admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/rupalake.org.np/wp-content/plugins/wp-statistics/wp-statistics.php' # Script version check [OLD] [WP Statistics v13.2.7 < v14.6.4] '/home/lekhnath/rupalake.org.np/wp-content/plugins/wp-statistics/includes/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] '/home/lekhnath/rupalake.org.np/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.2.5 < v6.5.4] '/home/lekhnath/seedfoundation.org.np/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/seedfoundation.org.np/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/seedfoundation.org.np/index.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/seedfoundation.org.np/output.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/seedfoundation.org.np/wp-admin.php' # Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2199]] '/home/lekhnath/seedfoundation.org.np/wp-corn-sample.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/seedfoundation.org.np/wp-loader.php' # Known exploit = [Fingerprint Match (fp)] [PHP WP Exploit [P2193]] '/home/lekhnath/seedfoundation.org.np/wp-logln.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/seedfoundation.org.np/wp-ver.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/seedfoundation.org.np/wp-admin/images/resize-6x.png' # Suspicious image file (hidden script file) # Universal decode regex match = [universal decoder] '/home/lekhnath/seedfoundation.org.np/wp-content/plugins/old/user-role-editor-pro/images/user-role-editor-icon.png' # Suspicious image file (hidden script file) '/home/lekhnath/seedfoundation.org.np/wp-content/plugins/old/wysija-newsletters/data/bookmarks/small/03/google.png' # Suspicious image file (hidden script file) '/home/lekhnath/seedfoundation.org.np/wp-content/plugins/password-protected/password-protected.php' # Script version check [OLD] [Password Protected v2.6.3.1 < v2.7.2] # Scan Timeout (30 secs) while processing: '/home/lekhnath/seedfoundation.org.np/wp-content/themes/SEED Foundation.zip' '/home/lekhnath/seedfoundation.org.np/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.5.3 < v6.5.4] '/home/lekhnath/shishuwasaccos.com.np/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/index.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/output.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/wp-admin.php' # Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2199]] '/home/lekhnath/shishuwasaccos.com.np/wp-comment.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/wp-logln.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/assets/Rajan/js/65c4504a13203/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/assets/Rajan/js/65c4504a13203/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/assets/Rajan/js/65c4504a13203/wp-admin.php' # Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2199]] '/home/lekhnath/shishuwasaccos.com.np/assets/Rajan/js/65c4504a13203/wp-comment.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/assets/Rajan/js/65c4504a13203/wp-corn-sample.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/assets/Rajan/js/65c4504a13203/wp-logln.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/wp-admin/images/resize-6x.png' # Suspicious image file (hidden script file) # Universal decode regex match = [universal decoder] '/home/lekhnath/shishuwasaccos.com.np/wp-content/plugins/autoptimize/autoptimize.php' # Script version check [OLD] [Autoptimize v3.1.6 < v3.1.11] '/home/lekhnath/shishuwasaccos.com.np/wp-content/plugins/contact-form-7/wp-contact-form-7.php' # Script version check [OLD] [Contact Form 7 v5.7.5.1 < v5.9.4] '/home/lekhnath/shishuwasaccos.com.np/wp-content/plugins/loginizer/loginizer.php' # Script version check [OLD] [Loginizer v1.7.7 < v1.8.4] '/home/lekhnath/shishuwasaccos.com.np/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.5.3 < v6.5.4] '/home/lekhnath/softaculous_backups/text.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/ssl/text.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/ssl/certs/about.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/ssl/certs/input.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/ssl/csrs/input.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/ssl/csrs/themes.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/ssl/keys/about.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/ssl/keys/input.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/stupaeducation.edu.np/index.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/stupaeducation.edu.np/images/resize-6x.png' # Suspicious image file (hidden script file) # Universal decode regex match = [universal decoder] '/home/lekhnath/ticcollege/wp-content/plugins/jetpack/modules/masterbar/admin-menu/class-admin-menu.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/ticcollege/wp-content/plugins/w3-total-cache/CdnEngine_Ftp.php' # Regular expression match = [\n(?!\s*(//|\#|\*)).*\.ssh/] '/home/lekhnath/ticcollege/wp-content/plugins/wp-statistics/includes/vendor/maxmind-db/reader/ext/maxminddb.c' # Suspicious file type [application/x-c] # Scan Timeout (30 secs) while processing: '/home/lekhnath/ticcollege/wp-content/themes/Triveni.zip' '/home/lekhnath/ticcollege/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.4.4 < v6.5.4] '/home/lekhnath/tmp/text.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/tmp/analog/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/tmp/analog/checkbox.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/tmp/pma_template_compiles_lekhnath/admin.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/tmp/pma_template_compiles_lekhnath/checkbox.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/tmp/pma_template_compiles_lekhnath/twig/index.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/tmp/webalizer/input.php' # Known exploit = [Fingerprint Match (md5)] [PHP Exploit] '/home/lekhnath/tmp/webalizerftp/admin.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/youngsstupa.com/old/wp-includes/category-template.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/youngsstupa.com/old/wp-includes/version.php' # Script version check [OLD] [Wordpress v5.7.8 < v6.5.4] '/home/lekhnath/youngsstupa.com/wp-content/plugins1/masterslider/admin/includes/msp-sample-sliders.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/youngsstupa.com/wp-content/plugins1/masterslider/public/class-master-slider.php' # Universal decode regex match = [universal decoder] # Scan Timeout (30 secs) while processing: '/home/lekhnath/youngsstupa.com/wp-content/themes/Hotel Youngs Stupa.zip' '/home/lekhnath/youngsstupa.com/wp-content/themes/Hotel Youngs Stupa/plugins/masterslider.php' # Universal decode regex match = [universal decoder] '/home/lekhnath/youngsstupa.com/wp-includes/version.php' # Script version check [OLD] [Wordpress v6.4.4 < v6.5.4] ----------- SCAN SUMMARY ----------- Scanned directories: 20305 Scanned files: 125230 Ignored items: 720 Suspicious matches: 204 Viruses found: 0 Fingerprint matches: 43 Data scanned: 19870.83 MB Scan peak memory: 423692 kB Scan time/item: 0.070 sec Scan time: 10207.408 sec