403Webshell
Server IP : 192.64.118.117  /  Your IP : 13.58.37.107
Web Server : LiteSpeed
System : Linux premium56.web-hosting.com 4.18.0-513.24.1.lve.1.el8.x86_64 #1 SMP Thu May 9 15:10:09 UTC 2024 x86_64
User : thecgapy ( 1160)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/thecgapy/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/thecgapy/scanreport-thecgapy-Jul_27_2020_10h29m.txt
----------- SCAN REPORT -----------
TimeStamp: Mon, 27 Jul 2020 10:29:02 -0400
(/usr/sbin/cxs --nobayes --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 50000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --qoptions Mv --report /home/thecgapy/scanreport-thecgapy-Jul_27_2020_10h29m.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user thecgapy --virusscan --vmrssmax 2000000 --xtra /etc/cxs/cxs.xtra.manual)


Scanning /home/thecgapy:

'/home/thecgapy/access-logs'
# Symlink to [/usr/local/apache/domlogs/thecgapy]

'/home/thecgapy/.cl.selector/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/.cpanel/live-engine-connector-rMjQ2refJc.sock'
# Socket

'/home/thecgapy/.cpanel/live-engine-connector-wiVJ6NvCw5.sock'
# Socket

'/home/thecgapy/.cpanel/caches/dynamicui/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/.cphorde/meta/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/.ftp-scan/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/.htpasswds/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/.nc_plugin/hidden'
# World writeable directory

'/home/thecgapy/.pki/nssdb/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/.razor/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/.spamassassin/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/.sqmailattach/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/.sqmaildata/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/.subaccounts/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/Rabinrealty.com/cgi-bin/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/Salesincentivegiveaways.com/cgi-bin/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/TCRGFinancesuite.com/cgi-bin/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/TCRGMobilemarketing.com/cgi-bin/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/creditrepair4you.com/cgi-bin/metaclass-useractive.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]

'/home/thecgapy/digitalbusinesscardz.com/wordpress/wp-includes/version.php'
# Script version check [OLD] [Wordpress v5.2.5 < v5.4.2]

'/home/thecgapy/digitalbusinesscardz.com/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.1.2 < v4.1.6]
# Scan Timeout (30 secs) while processing:
'/home/thecgapy/digitalbusinesscardz.com/wp-content/themes/Divi-old.zip'

'/home/thecgapy/digitalbusinesscardz.com/wp-content/themes/Divi-5dec/includes/builder/frontend-builder/helpers.php'
# Universal decode regex match = [universal decoder]

'/home/thecgapy/digitalbusinesscardz.com/wp-includes/version.php'
# Script version check [OLD] [Wordpress v5.2.7 < v5.4.2]

'/home/thecgapy/mail/teamrabin.com/neil/.Trash/cur'
# Skipped - too many resources: 65467 ( > filemax=50000)
# Scan Timeout (30 secs) while processing:
'/home/thecgapy/mobilecreationz.com/20150603_website2_556e9ac1e0dc64434150603061217_archive.zip'

'/home/thecgapy/mobilecreationz.com/backup-1463232700-wp-includes/version.php'
# Script version check [OLD] [Wordpress v4.5.2 < v5.4.2]

'/home/thecgapy/mobilecreationz.com/backup-1463232700-wp-includes/js/mediaelement/silverlightmediaelement.xap'
# (compressed file: SilverlightMediaElement.dll [depth: 1]) MS Windows Binary/Executable [application/x-winexec]

'/home/thecgapy/mobilecreationz.com/backup-1463232700-wp-includes/js/plupload/plupload.silverlight.xap'
# (compressed file: Moxie.dll [depth: 1]) MS Windows Binary/Executable [application/x-winexec]

'/home/thecgapy/mobilecreationz.com/wordpress1/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.1.2 < v4.1.6]

'/home/thecgapy/mobilecreationz.com/wordpress1/wp-includes/version.php'
# Script version check [OLD] [Wordpress v5.2.4 < v5.4.2]

'/home/thecgapy/mobilecreationz.com/wp-content/plugins/beaver-builder-lite-version/fl-builder.php'
# Script version check [OLD] [Beaver Builder Plugin (Lite Version) v1.9.4 < v2.3.2.5]

'/home/thecgapy/mobilecreationz.com/wp-content/plugins/better-wp-security/better-wp-security.php'
# Script version check [OLD] [iThemes Security v6.1.1 < v7.7.1]

'/home/thecgapy/mobilecreationz.com/wp-content/plugins/contact-form-7/wp-contact-form-7.php'
# Script version check [OLD] [Contact Form 7 v4.7 < v5.2]

'/home/thecgapy/mobilecreationz.com/wp-content/plugins/duplicator/duplicator.php'
# Script version check [OLD] [Duplicator v1.1.32 < v1.3.36]

'/home/thecgapy/mobilecreationz.com/wp-content/plugins/e-signature/lib/tcpdf/include/tcpdf_fonts.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/mobilecreationz.com/wp-content/plugins/go_pricing/assets/lib/js/mediaelementjs/silverlightmediaelement.xap'
# (compressed file: SilverlightMediaElement.dll [depth: 1]) MS Windows Binary/Executable [application/x-winexec]

'/home/thecgapy/mobilecreationz.com/wp-content/plugins/gtranslate/gtranslate.php'
# Script version check [OLD] [GTranslate v2.8.43 < v2.8.55]

'/home/thecgapy/mobilecreationz.com/wp-content/plugins/ml-slider/ml-slider.php'
# Script version check [OLD] [Meta Slider v3.4.1 < v3.16.4]

'/home/thecgapy/mobilecreationz.com/wp-content/plugins/simple-custom-css/simple-custom-css.php'
# Script version check [OLD] [Simple Custom CSS v3.3 < v4.0.4]

'/home/thecgapy/mobilecreationz.com/wp-content/plugins/wp-smushit/wp-smush.php'
# Script version check [OLD] [WP Smush v2.5.3 < v3.6.3]

'/home/thecgapy/mobilecreationz.com/wp-includes/version.php'
# Script version check [OLD] [Wordpress v4.9.12 < v5.4.2]

'/home/thecgapy/public_ftp/incoming'
# World writeable directory

'/home/thecgapy/public_html/backup-1463232700-wp-includes/version.php'
# Script version check [OLD] [Wordpress v4.5.2 < v5.4.2]

'/home/thecgapy/public_html/backup-1463232700-wp-includes/js/mediaelement/silverlightmediaelement.xap'
# (compressed file: SilverlightMediaElement.dll [depth: 1]) MS Windows Binary/Executable [application/x-winexec]

'/home/thecgapy/public_html/backup-1463232700-wp-includes/js/plupload/plupload.silverlight.xap'
# (compressed file: Moxie.dll [depth: 1]) MS Windows Binary/Executable [application/x-winexec]

'/home/thecgapy/public_html/wp-content/plugins/beaver-builder-lite-version/fl-builder.php'
# Script version check [OLD] [Beaver Builder Plugin (Lite Version) v1.9.4 < v2.3.2.5]

'/home/thecgapy/public_html/wp-content/plugins/better-wp-security/better-wp-security.php'
# Script version check [OLD] [iThemes Security v6.1.1 < v7.7.1]

'/home/thecgapy/public_html/wp-content/plugins/contact-form-7/wp-contact-form-7.php'
# Script version check [OLD] [Contact Form 7 v4.7 < v5.2]

'/home/thecgapy/public_html/wp-content/plugins/duplicator/duplicator.php'
# Script version check [OLD] [Duplicator v1.1.32 < v1.3.36]

'/home/thecgapy/public_html/wp-content/plugins/e-signature/lib/tcpdf/include/tcpdf_fonts.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/public_html/wp-content/plugins/go_pricing/assets/lib/js/mediaelementjs/silverlightmediaelement.xap'
# (compressed file: SilverlightMediaElement.dll [depth: 1]) MS Windows Binary/Executable [application/x-winexec]

'/home/thecgapy/public_html/wp-content/plugins/gtranslate/gtranslate.php'
# Script version check [OLD] [GTranslate v2.8.43 < v2.8.55]

'/home/thecgapy/public_html/wp-content/plugins/ml-slider/ml-slider.php'
# Script version check [OLD] [Meta Slider v3.4.1 < v3.16.4]

'/home/thecgapy/public_html/wp-content/plugins/simple-custom-css/simple-custom-css.php'
# Script version check [OLD] [Simple Custom CSS v3.3 < v4.0.4]

'/home/thecgapy/public_html/wp-content/plugins/wp-smushit/wp-smush.php'
# Script version check [OLD] [WP Smush v2.5.3 < v3.6.3]

'/home/thecgapy/public_html/wp-includes/version.php'
# Script version check [OLD] [Wordpress v4.9.15 < v5.4.2]

'/home/thecgapy/tcrgfinancesuite.com/fetah.php'
# Decode regex match = [decode regex: 1]

'/home/thecgapy/tcrgfinancesuite.com/.tmb'
# World writeable directory

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.0.8 < v4.1.6]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/contact-form-7/wp-contact-form-7.php'
# Script version check [OLD] [Contact Form 7 v5.0.5 < v5.2]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/duplicate-post/duplicate-post.php'
# Script version check [OLD] [Duplicate Post v3.2.2 < v3.2.5]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wordpress-importer/wordpress-importer.php'
# Script version check [OLD] [WordPress Importer v0.6.4 < v0.7]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wp-file-manager/lib/codemirror/mode/clike/index.html'
# Suspicious file type [application/x-c]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wp-file-manager/lib/php/elFinderVolumeBox.class.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wp-file-manager/lib/php/elFinderVolumeDriver.class.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wp-file-manager/lib/php/elFinderVolumeDropbox.class.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wp-file-manager/lib/php/elFinderVolumeDropbox2.class.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wp-file-manager/lib/php/elFinderVolumeFTP.class.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wp-file-manager/lib/php/elFinderVolumeGoogleDrive.class.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wp-file-manager/lib/php/elFinderVolumeGroup.class.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wp-file-manager/lib/php/elFinderVolumeLocalFileSystem.class.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wp-file-manager/lib/php/elFinderVolumeMySQL.class.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/plugins/wp-file-manager/lib/php/elFinderVolumeOneDrive.class.php'
# Regular expression match = [symlink\s*\(]

'/home/thecgapy/tcrgfinancesuite.com/wp-content/uploads/js_composer'
# World writeable directory

'/home/thecgapy/tcrgfinancesuite.com/wp-includes/version.php'
# Script version check [OLD] [Wordpress v4.9.13 < v5.4.2]

'/home/thecgapy/tcrgfinancesuite.com/wp-includes/pomo/jss.php.suspected'
# Regular expression match = [\*[A-Za-z0-9]{12,130}\*]

'/home/thecgapy/www.teamrabin.com'
# Suspicious directory

----------- SCAN SUMMARY -----------
Scanned directories: 7130
Scanned files: 93894
Ignored items: 556
Suspicious matches: 77
Viruses found: 0
Fingerprint matches: 16
Data scanned: 8090.40 MB
Scan peak memory: 238564 kB
Scan time/item: 0.060 sec
Scan time: 6090.361 sec

Youez - 2016 - github.com/yon3zu
LinuXploit