Current File : /home/itiffy/scan__report.txt

----------- SCAN REPORT -----------
TimeStamp: Sun, 14 Nov 2021 15:12:24 -0500
(/usr/sbin/cxs --background --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 100000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --noprobability --qoptions Mv --report /home/itiffy/scan__report.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user itiffy --virusscan --vmrssmax 2000000 --xtra /etc/cxs/cxs.xtra.manual)


Scanning /home/itiffy:

'/home/itiffy/.nc_plugin/hidden'
# World writeable directory

'/home/itiffy/.trash/adindex.php'
# Known exploit = [Fingerprint Match] [PHP Exploit [P1791]]

'/home/itiffy/.trash/bash'
# Linux Binary/Executable [application/x-executable]

'/home/itiffy/.trash/d39ju.php'
# Known exploit = [Fingerprint Match] [PHP Exploit [P1885]]

'/home/itiffy/.trash/fox.php'
# Known exploit = [Fingerprint Match] [PHP Exploit [P1885]]

'/home/itiffy/.trash/locked.php'
# Universal decode regex match = [universal decoder]

'/home/itiffy/.trash/ourtFud.zip'
# (compressed file: ourtFud/blocker.php [depth: 1]) Known exploit = [Fingerprint Match] [PHP Exploit]

'/home/itiffy/.trash/##blog---@@@/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.0.2 < v4.2.1]

'/home/itiffy/.trash/##blog---@@@/wp-includes/version.php'
# Script version check [OLD] [Wordpress v4.9.18 < v5.8.2]

'/home/itiffy/.trash/.well-known/pki-validation/.theme.php'
# Known exploit = [Fingerprint Match] [PHP WP Exploit [P1626]]

'/home/itiffy/.trash/.well-known/pki-validation/Chase.com/antifuck.php'
# Known exploit = [Fingerprint Match] [Hacker Sig Exploit [P1602]]

'/home/itiffy/.trash/.well-known/pki-validation/Chase.com/index.php'
# Known exploit = [Fingerprint Match] [Hacker Sig Exploit [P1602]]

'/home/itiffy/.trash/.well-known/pki-validation/Chase.com/XBALTI/Email.php'
# Known exploit = [Fingerprint Match] [Hacker Sig Exploit [P1602]]

'/home/itiffy/.trash/.well-known/pki-validation/Chase.com/XBALTI/send.php'
# Known exploit = [Fingerprint Match] [Hacker Sig Exploit [P1602]]

'/home/itiffy/.trash/.well-known/pki-validation/Chase.com/admin/imageprofile.php'
# Known exploit = [Fingerprint Match] [Hacker Sig Exploit [P1602]]

'/home/itiffy/.trash/.well-known/pki-validation/Chase.com/admin/index.php'
# Known exploit = [Fingerprint Match] [Hacker Sig Exploit [P1602]]

'/home/itiffy/.trash/.well-known/pki-validation/apps.rackspace.com/Unzip.php'
# Known exploit = [Fingerprint Match] [PHP Shell Exploit]

'/home/itiffy/.trash/.well-known/pki-validation/apps.rackspace.com/blocker.php'
# Known exploit = [Fingerprint Match] [PHP Bypass Exploit [P1840]]

'/home/itiffy/.trash/app/blocker.php'
# Known exploit = [Fingerprint Match] [PHP Exploit]

'/home/itiffy/.trash/app/home/action.php'
# Known exploit = [Fingerprint Match] [PHP Spammer Exploit [P0759]]

'/home/itiffy/.trash/app/home/action2.php'
# Known exploit = [Fingerprint Match] [PHP Spammer Exploit [P0759]]

'/home/itiffy/.trash/app/home/info.php'
# Known exploit = [Fingerprint Match] [PHP cPanel Exploit [P1519]]

'/home/itiffy/.trash/app/home/result.php'
# Known exploit = [Fingerprint Match] [PHP Spammer Exploit [P0759]]

'/home/itiffy/.trash/bkp/app/memey.php'
# Known exploit = [Fingerprint Match] [PHP WP Exploit [P1626]]

'/home/itiffy/.trash/bkp/blog/wp-admin/images/index.php'
# Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1918]]

'/home/itiffy/.trash/bkp/blog/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.0.2 < v4.2.1]

'/home/itiffy/.trash/bkp/blog/wp-content/plugins/wp-invoice/static/images/.theme.php'
# Known exploit = [Fingerprint Match] [PHP WP Exploit [P1626]]

'/home/itiffy/.trash/bkp/blog/wp-includes/version.php'
# Script version check [OLD] [Wordpress v4.9.18 < v5.8.2]

'/home/itiffy/.trash/bkp/blog/wp-includes/Requests/Cookie/.theme.php'
# Known exploit = [Fingerprint Match] [PHP WP Exploit [P1626]]

'/home/itiffy/.trash/bkp/public/video/.2021.php'
# Known exploit = [Fingerprint Match] [PHP Exploit [P1885]]

'/home/itiffy/.trash/bkp/public/video/1/asu.php'
# (decoded file [advanced decoder: 14 (depth: 1)]) Decode regex match = [decode regex: 1]
# (decoded file [advanced decoder: 14 (depth: 1)]) Decode regex match = [decode regex: 1]

'/home/itiffy/.trash/bkp/public/video/1/index.php'
# (decoded file [advanced decoder: 14 (depth: 1)]) Decode regex match = [decode regex: 1]
# (decoded file [advanced decoder: 14 (depth: 1)]) Decode regex match = [decode regex: 1]

'/home/itiffy/.trash/bkp/public/video/1/next.php'
# (decoded file [advanced decoder: 14 (depth: 1)]) Decode regex match = [decode regex: 1]
# (decoded file [advanced decoder: 14 (depth: 1)]) Decode regex match = [decode regex: 1]

'/home/itiffy/.trash/bkp/resources/views/emails/.theme.php'
# Known exploit = [Fingerprint Match] [PHP WP Exploit [P1626]]

'/home/itiffy/.trash/bkp/tests/Unit/.theme.php'
# Known exploit = [Fingerprint Match] [PHP WP Exploit [P1626]]

'/home/itiffy/.trash/bkp/vendor/hamcrest/hamcrest-php/.theme.php'
# Known exploit = [Fingerprint Match] [PHP WP Exploit [P1626]]

'/home/itiffy/.trash/bkp/vendor/hamcrest/hamcrest-php/memey.php'
# Known exploit = [Fingerprint Match] [PHP WP Exploit [P1626]]

'/home/itiffy/.trash/bkp/vendor/laravel/framework/src/Illuminate/Cache/Events/index.php'
# Known exploit = [Fingerprint Match] [PHP Exploit [P1930]]

'/home/itiffy/.trash/bkp/vendor/phpspec/prophecy/README.md'
# Regular expression match = [\*[A-Za-z0-9]{12,130}\*]

'/home/itiffy/.trash/bkp/vendor/phpunit/phpunit/src/Util/Log/Mylegion.php'
# Decode regex match = [decode regex: 1]

'/home/itiffy/.trash/bkp/vendor/phpunit/phpunit/src/Util/PHP/admin.php'
# Known exploit = [Fingerprint Match] [PHP Exploit]

'/home/itiffy/.trash/bkp/vendor/phpunit/phpunit/src/Util/PHP/alfa.php'
# Known exploit = [Fingerprint Match] [PHP Exploit]

'/home/itiffy/.trash/bkp/vendor/phpunit/phpunit/src/Util/PHP/fox.php'
# Known exploit = [Fingerprint Match] [PHP Exploit [P1885]]

'/home/itiffy/.trash/bkp/vendor/phpunit/phpunit/src/Util/PHP/tshop.php'
# Known exploit = [Fingerprint Match] [PHP Exploit]

'/home/itiffy/.trash/bkp/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]

'/home/itiffy/.trash/bkp/vendor/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]

'/home/itiffy/.trash/blog/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.0.2 < v4.2.1]

'/home/itiffy/.trash/blog/wp-includes/version.php'
# Script version check [OLD] [Wordpress v4.9.18 < v5.8.2]

'/home/itiffy/.trash/blog.1/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.0.2 < v4.2.1]

'/home/itiffy/.trash/blog.1/wp-includes/version.php'
# Script version check [OLD] [Wordpress v4.9.3 < v5.8.2]

'/home/itiffy/.trash/citizensbank/.htaccess'
# Regular expression match = [\b0day]

'/home/itiffy/.trash/citizensbank/Anti/Bot-Spox.php'
# Known exploit = [Fingerprint Match] [PHP Bot Exploit [P1886]]

'/home/itiffy/.trash/citizensbank/Anti/new.php'
# Known exploit = [Fingerprint Match] [PHP Bypass Exploit [P1840]]

'/home/itiffy/.trash/citizensbank/prevents/blocker.php'
# Known exploit = [Fingerprint Match] [PHP Bypass Exploit [P1840]]

'/home/itiffy/.trash/citizensbank/prevents/pap/.htaccess'
# Regular expression match = [\b0day]

'/home/itiffy/.trash/vendor/phpspec/prophecy/README.md'
# Regular expression match = [\*[A-Za-z0-9]{12,130}\*]

'/home/itiffy/.trash/vendor/phpunit/phpunit/src/Util/Log/JUSON.php'
# Known exploit = [Fingerprint Match] [Hacker Sig Exploit [P1482]]

'/home/itiffy/.trash/vendor/phpunit/phpunit/src/Util/Log/Mylegion.php'
# Decode regex match = [decode regex: 1]

'/home/itiffy/.trash/vendor/phpunit/phpunit/src/Util/PHP/mini.php'
# Known exploit = [Fingerprint Match] [PHP Exploit [P1792]]

'/home/itiffy/.trash/vendor/phpunit/phpunit/src/Util/PHP/tshop.php'
# Known exploit = [Fingerprint Match] [PHP Exploit]

'/home/itiffy/.trash/vendor/phpunit/phpunit/src/Util/PHP/vin.php'
# Known exploit = [Fingerprint Match] [RFI Exploit [P1419]]

'/home/itiffy/.trash/vendor/phpunit/phpunit/src/Util/PHP/wp-php.php'
# Known exploit = [Fingerprint Match] [PHP Exploit]

'/home/itiffy/.trash/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]

'/home/itiffy/.trash/vendor/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]

'/home/itiffy/.trash/vendor.2/phpspec/prophecy/README.md'
# Regular expression match = [\*[A-Za-z0-9]{12,130}\*]

'/home/itiffy/.trash/vendor.2/phpunit/phpunit/src/Util/Log/Mylegion.php'
# Decode regex match = [decode regex: 1]

'/home/itiffy/.trash/vendor.2/phpunit/phpunit/src/Util/PHP/moha.php'
# Known exploit = [Fingerprint Match] [PHP Exploit [P1894]]

'/home/itiffy/.trash/vendor.2/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]

'/home/itiffy/.trash/vendor.2/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]

'/home/itiffy/mail/new'
# Skipped - too many resources: 317159 ( > filemax=100000)

'/home/itiffy/public_html/blog/wp-content/plugins/akismet/akismet.php'
# Script version check [OLD] [Akismet Anti-Spam v4.0.2 < v4.2.1]

'/home/itiffy/public_html/blog/wp-includes/version.php'
# Script version check [OLD] [Wordpress v4.9.3 < v5.8.2]

'/home/itiffy/public_html/vendor/phpspec/prophecy/README.md'
# Regular expression match = [\*[A-Za-z0-9]{12,130}\*]

'/home/itiffy/public_html/vendor/symfony/console/Resources/bin/hiddeninput.exe'
# MS Windows Binary/Executable [application/x-winexec]

'/home/itiffy/public_html/vendor/symfony/debug/Resources/ext/symfony_debug.c'
# Suspicious file type [application/x-c]

----------- SCAN SUMMARY -----------
Scanned directories: 21125
Scanned files: 83737
Ignored items: 283
Suspicious matches: 78
Viruses found: 0
Fingerprint matches: 41
Data scanned: 2304.89 MB
Scan peak memory: 310440 kB
Scan time/item: 0.012 sec
Scan time: 1250.568 sec