ヤミRoot VoidGate
User / IP
:
216.73.216.151
Host / Server
:
66.29.153.81 / purpletex.org
System
:
Linux server350.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
Command
|
Upload
|
Mass Deface
|
Create
:
/
home
/
purpiwpx
/
Viewing: scanreport-purpiwpx-Dec_24_2025_04h09m.txt
----------- SCAN REPORT ----------- TimeStamp: Wed, 24 Dec 2025 04:09:52 -0500 (/usr/sbin/cxs --background --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 50000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --noprobability --qoptions Mv --report /home/purpiwpx/scanreport-purpiwpx-Dec_24_2025_04h09m.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user purpiwpx --virusscan --vmrssmax 2000000 --waitscan 0 --xtra /etc/cxs/cxs.xtra.manual) Scanning /home/purpiwpx: '/home/purpiwpx/alexus mailer.php' # Universal decode regex match = [universal decoder] '/home/purpiwpx/.nc_plugin/hidden' # World writeable directory '/home/purpiwpx/public_html/t6wer-send.php' # ClamAV detected virus = [TO-41941.WEBSHEL.nc_send_php.MD5-61773ee5a2439be2eb1e58202d3070e4.size-453.UNOFFICIAL] '/home/purpiwpx/public_html/images/images/images/images/images/images/images/yhsx.gif' # Suspicious image file (hidden script file) '/home/purpiwpx/public_html/images/images/images/images/images/images/images/images/images/mp3_6931636168376.zip' # (compressed file: b_6931636168376.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P2189]] '/home/purpiwpx/public_html/na/na/mpg_691c172f8f170.zip' # (compressed file: b_691c172f8f170.tmp [depth: 1]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]] '/home/purpiwpx/public_html/na/na/na/JnyXAxUtzTWSmfsZKqFP.gif' # Suspicious image file (hidden script file) '/home/purpiwpx/public_html/wp-content/plugins/akismet/_inc/_inc.css' # Universal decode regex match = [universal decoder] '/home/purpiwpx/public_html/wp-content/plugins/akismet/_inc/img/img.css' # Universal decode regex match = [universal decoder] '/home/purpiwpx/public_html/wp-content/plugins/akismet/_inc/img/logo-onnnsqsqpoosrn.png' # Suspicious image file (hidden script file) # Universal decode regex match = [universal decoder] '/home/purpiwpx/public_html/wp-includes/Text/Diff/Engine/onnnsqsqpoosrn.ttf' # Universal decode regex match = [universal decoder] '/home/purpiwpx/public_html/wp-includes/blocks/cover/style-rel.css' # Universal decode regex match = [universal decoder] '/home/purpiwpx/public_html/wp-includes/images/w-baaafdfdcbbfea.gif' # Suspicious image file (hidden script file) # Universal decode regex match = [universal decoder] '/home/purpiwpx/public_html/wp-includes/images/xit-3x.gif' # Suspicious image file (hidden script file) '/home/purpiwpx/public_html/wp-includes/images/media/baaafdfdcbbfea.png' # Suspicious image file (hidden script file) # Universal decode regex match = [universal decoder] '/home/purpiwpx/public_html/wp-includes/wp-includes/wp-includes/wp-includes/XPwsfRriYtFegl.jpeg' # Suspicious image file (hidden script file) '/home/purpiwpx/tmp' # World writeable directory '/home/purpiwpx/tmp/webalizer/index.php' # ClamAV detected virus = [{HEX}php.generic.malware.447.UNOFFICIAL] ----------- SCAN SUMMARY ----------- Scanned directories: 441 Scanned files: 2394 Ignored items: 112 Suspicious matches: 21 Viruses found: 2 Fingerprint matches: 2 Data scanned: 3841.31 MB Scan peak memory: 392576 kB Scan time/item: 0.049 sec Scan time: 138.434 sec
Coded With 💗 by
0x6ick