SECURELI.com responds to ISIS attacks against French and US sites

😱 Since Sunday, October 25, 2020, many US and French sites have been victims of cyber attacks to spread fundamentalist propaganda in a very tense diplomatic context… 🤨

⚡️SECURELI.com provides an IMMEDIATE response TO PROTECT YOU from these attacks: 🎯

🎁 If your site is a victim of this attack: FREE REPAIR (100€ HT => Free)

🎁 Migration Offered and 30% discount on your annual SECURELI hosting (300€ HT / year =>240€ HT / year)

Enjoy SECURELI services for your site now:

🤝 100% uptime guaranteed – Satisfied or refunded
📞 24/7/365 phone support
🙋🏻 Dedicated account manager and a team of Web security experts
⚡️ Same day repair if your site is under attack
🔑 Best possible security for your website
🏦 Continuous backups… and easy restores to safeguard your data

Do not hesitate to contact us to learn more about the security of your site: (833) SITE-FIX!

WordPress Version Number Disclosure

WordPress is a very popular target for attackers, as it powers ~70% of the websites online.

The most common ways WordPress sites are hacked are outdated core versions of WordPress, insecure plugins, and insecure themes.

We decided to create a script that would allow us to quickly identify whether a website was running a vulnerable WordPress version, based on the version number it discloses.

https://wpvulndb.com/wordpresses/ was our resource for building a Golang array of vulnerable versions to check against the version number pulled by our internal WordPress version identification script.

This script turned out to be fast. It was our first time working with Golang, and the sheer throughput of concurrent HTTP requests made it a game changer for monitoring and scanning millions of WordPress sites, so we could contact website owners and agencies with this vulnerability information before they had to rely on a hacked website repair service or WordPress malware removal.
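
As an added example, not the post's own script and not wpvulndb's data: a Go version check of the kind the post describes, run against a constructed page fragment and a constructed advisory table. The `EXAMPLE-*` IDs and `FixedIn` versions are placeholders (the real table would be built from wpvulndb). The program pulls the version from WordPress's default generator meta tag and compares it numerically, component by component, against the first fixed version of each entry, so "5.10" correctly ranks above "5.9".

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
	"strings"
)

// Advisory is one row of a version-keyed vulnerability table, the shape of the
// wpvulndb data the post describes: an identifier, the first core version that
// is no longer affected, and a summary.
type Advisory struct {
	ID      string
	FixedIn string
	Summary string
}

// SampleAdvisories is a CONSTRUCTED table for illustration only; the IDs and
// versions are placeholders, not real WordPress advisories.
var SampleAdvisories = []Advisory{
	{"EXAMPLE-0001", "5.2.4", "placeholder: issue fixed in core 5.2.4"},
	{"EXAMPLE-0002", "5.1.3", "placeholder: issue fixed in core 5.1.3"},
}

// generatorRe matches the tag WordPress emits by default, e.g.
// <meta name="generator" content="WordPress 5.2.3" />
var generatorRe = regexp.MustCompile(`(?i)<meta\s+name="generator"\s+content="WordPress\s+([0-9]+(?:\.[0-9]+)*)"`)

// ExtractWordPressVersion returns the core version advertised in a page's
// generator meta tag, or "" when the tag is absent. Many sites strip the tag,
// so an empty result means "unknown", not "patched".
func ExtractWordPressVersion(html string) string {
	m := generatorRe.FindStringSubmatch(html)
	if m == nil {
		return ""
	}
	return m[1]
}

// parseVersion turns "5.2.3" into [5 2 3] and rejects anything non-numeric.
func parseVersion(v string) ([]int, error) {
	if v == "" {
		return nil, fmt.Errorf("empty version")
	}
	parts := strings.Split(v, ".")
	nums := make([]int, len(parts))
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil || n < 0 {
			return nil, fmt.Errorf("bad version component %q in %q", p, v)
		}
		nums[i] = n
	}
	return nums, nil
}

// CompareVersions returns -1, 0 or 1 as a is below, equal to or above b.
// Missing trailing components count as zero, so "5.2" equals "5.2.0".
func CompareVersions(a, b string) (int, error) {
	av, err := parseVersion(a)
	if err != nil {
		return 0, err
	}
	bv, err := parseVersion(b)
	if err != nil {
		return 0, err
	}
	for i := 0; i < len(av) || i < len(bv); i++ {
		var x, y int
		if i < len(av) {
			x = av[i]
		}
		if i < len(bv) {
			y = bv[i]
		}
		if x < y {
			return -1, nil
		}
		if x > y {
			return 1, nil
		}
	}
	return 0, nil
}

// MatchAdvisories returns every advisory whose fix landed in a version newer
// than the one detected, i.e. the issues the detected version still carries.
func MatchAdvisories(version string, table []Advisory) ([]Advisory, error) {
	var hits []Advisory
	for _, adv := range table {
		c, err := CompareVersions(version, adv.FixedIn)
		if err != nil {
			return nil, err
		}
		if c < 0 {
			hits = append(hits, adv)
		}
	}
	return hits, nil
}

func main() {
	// Constructed page fragment standing in for a fetched homepage.
	page := `<html><head><meta name="generator" content="WordPress 5.2.3" /></head></html>`
	v := ExtractWordPressVersion(page)
	if v == "" {
		fmt.Println("no generator tag: version unknown, check wp-includes/version.php on the server")
		return
	}
	hits, err := MatchAdvisories(v, SampleAdvisories)
	if err != nil {
		panic(err)
	}
	fmt.Printf("WordPress %s: %d matching advisories\n", v, len(hits))
	for _, h := range hits {
		fmt.Printf("  %s (fixed in %s): %s\n", h.ID, h.FixedIn, h.Summary)
	}
}
```

The generator tag is only a hint: an empty result means the version is unknown, not that the site is patched. For a site you operate, the authoritative value is `$wp_version` in `wp-includes/version.php`, and the same comparison applies to it.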

Hacker101 jQuery Dependency Vulnerability

“Hacker101 is a free class for web security. Whether you’re a programmer with an interest in bug bounties or a seasoned security professional, Hacker101 has something to teach you.”

https://github.com/tidave85/hacker101 suffers from the following open source dependency vulnerabilities.

/hacker101/assets/javascript/bootstrap/bootstrap.bundle.min.js

↳ bootstrap 4.1.0 has known vulnerabilities: severity: high; issue: 28236, summary: XSS in data-template, data-content and data-title properties of tooltip/popover, CVE: CVE-2019-8331; https://github.com/twbs/bootstrap/issues/28236 severity: medium; issue: 20184, summary: XSS in data-target property of scrollspy, CVE: CVE-2018-14041; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in collapse data-parent attribute, CVE: CVE-2018-14040; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in data-container property of tooltip, CVE: CVE-2018-14042; https://github.com/twbs/bootstrap/issues/20184

/hacker101/assets/javascript/bootstrap/jquery.min.js

↳ jquery 3.3.1 has known vulnerabilities: severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

Kotlin v1.3.60 Programming Language Vulnerability

https://github.com/Saamyy/kotlin suffers from the following open source dependency vulnerabilities, relying on an outdated version of jQuery.

/kotlin/libraries/examples/browser-example/src/js/jquery.js

↳ jquery 1.6.2 has known vulnerabilities: severity: medium; CVE: CVE-2011-4969, summary: XSS with location.hash; https://nvd.nist.gov/vuln/detail/CVE-2011-4969 http://research.insecurelabs.org/jquery/test/ https://bugs.jquery.com/ticket/9521 severity: medium; CVE: CVE-2012-6708, bug: 11290, summary: Selector interpreted as HTML; http://bugs.jquery.com/ticket/11290 https://nvd.nist.gov/vuln/detail/CVE-2012-6708 http://research.insecurelabs.org/jquery/test/ severity: medium; issue: 2432, summary: 3rd party CORS request may execute, CVE: CVE-2015-9251; https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/ https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

/kotlin/libraries/examples/browser-example-with-library/src/js/jquery.js

↳ jquery 1.6.2 has known vulnerabilities: severity: medium; CVE: CVE-2011-4969, summary: XSS with location.hash; https://nvd.nist.gov/vuln/detail/CVE-2011-4969 http://research.insecurelabs.org/jquery/test/ https://bugs.jquery.com/ticket/9521 severity: medium; CVE: CVE-2012-6708, bug: 11290, summary: Selector interpreted as HTML; http://bugs.jquery.com/ticket/11290 https://nvd.nist.gov/vuln/detail/CVE-2012-6708 http://research.insecurelabs.org/jquery/test/ severity: medium; issue: 2432, summary: 3rd party CORS request may execute, CVE: CVE-2015-9251; https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/ https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

Your DIY Guide to Hacked WordPress Repair

Your Guide to Hacked WordPress Repair

If you run a website, you have to be prepared for the reality that it could be hacked at some point. Dealing with a hacked website can be stressful, and when it’s a WordPress site specifically, it can be even more frustrating because repairs won’t be the same as they would for a standard website.

Fortunately, this guide will help you learn the basics of hacked WordPress repair, including what you can do and when to call for help.

Hacking Can Cause All Kinds of Damage
If your WordPress website (or any other site, for that matter) is hacked, it can affect a lot of different things. If you run an e-commerce business or keep customer payment information on file, you could expose your customers to security risks. You can lose your rankings in search engines, and even be blacklisted if the infection is serious enough.

Being hacked can expose visitors to viruses and malware, cause you to lose site data, and ruin your reputation through the breach itself or through malicious redirects that send your visitors to bad websites. It’s bad news in a lot of ways, but there is something you can do.

How to Repair Your Hacked WordPress Site

Step One: Find the hack and its source. Check to see if you can log in to the admin panel or if there are links popping up that you didn’t put on the site. Maybe you realized there was a problem because of malware redirects or that Google started flagging your site as unsafe. Either way, you have to find the source.

Step Two: Change your passwords immediately. If you can, put your site into maintenance mode so that it’s not continuing to cause damage. You may be able to restore your site from a backup, but you could risk losing fresh content so you’ll have to consider this in your decision.

Step Three: If you use hosting services, check to make sure they didn’t have a breach that’s bigger than your own WordPress site. They may have more information about what happened or how to fix it. In some cases, they might even clean up the mess for you.

Step Four: Find and remove the malware, bad code, or other infection. With WordPress, you’ll often find backdoors for hackers hiding in inactive plugins and themes. Delete any of these to ensure they’re not the problem. You can use any number of free plugins to do security audits and help with hacked WordPress repair.
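
The four steps come down to finding what changed and removing what should not be there. As an added example (not from the guide, and not a substitute for a security plugin), the Go program below walks a WordPress install and flags three things Step Four calls out: PHP files inside `wp-content/uploads`, where WordPress never writes PHP; PHP files modified after the time the site was last known clean; and plugin or theme directories whose slug is not in the operator-supplied set of active ones. The tree it scans is constructed inside the program (`BuildSampleTree`) so it runs offline; the `since` time, the active-slug set and every path in it are assumptions.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"strings"
	"time"
)

// Finding is one file or directory that deserves a manual look during a
// hacked-site cleanup, with the reason it was flagged.
type Finding struct {
	Path   string // relative to the WordPress root, forward slashes
	Reason string
}

// AuditWordPressTree walks a WordPress install and applies three checks:
// PHP files inside wp-content/uploads, PHP files modified after `since` (the
// last time the site was known clean), and plugin or theme directories whose
// slug is not in `active`, the set the operator knows is in use.
func AuditWordPressTree(root string, since time.Time, active map[string]bool) ([]Finding, error) {
	var findings []Finding
	err := filepath.WalkDir(root, func(p string, d fs.DirEntry, walkErr error) error {
		if walkErr != nil {
			return walkErr
		}
		rel, err := filepath.Rel(root, p)
		if err != nil {
			return err
		}
		rel = filepath.ToSlash(rel)
		parts := strings.Split(rel, "/")
		if d.IsDir() {
			// wp-content/<plugins|themes>/<slug> not known to be active:
			// report the directory as one removal candidate, do not descend.
			if len(parts) == 3 && parts[0] == "wp-content" &&
				(parts[1] == "plugins" || parts[1] == "themes") && !active[parts[2]] {
				findings = append(findings, Finding{rel, "inactive " + strings.TrimSuffix(parts[1], "s") + " directory"})
				return filepath.SkipDir
			}
			return nil
		}
		if !strings.EqualFold(filepath.Ext(p), ".php") {
			return nil
		}
		if strings.HasPrefix(rel, "wp-content/uploads/") {
			findings = append(findings, Finding{rel, "PHP file inside the uploads directory"})
		}
		info, err := d.Info()
		if err != nil {
			return err
		}
		if info.ModTime().After(since) {
			findings = append(findings, Finding{rel, "modified after " + since.UTC().Format(time.RFC3339)})
		}
		return nil
	})
	return findings, err
}

// BuildSampleTree writes a CONSTRUCTED, minimal WordPress-like tree under root
// so the audit can run offline. Files marked clean get modification time
// `clean`; the planted files keep the current time.
func BuildSampleTree(root string, clean time.Time) error {
	files := map[string]bool{ // relative path -> clean?
		"wp-includes/version.php":                      true,
		"wp-content/plugins/akismet/akismet.php":       true,
		"wp-content/plugins/akismet/cache.php":         false, // planted: recently changed
		"wp-content/plugins/old-slider/old-slider.php": true,  // inactive plugin left installed
		"wp-content/themes/twentytwenty/functions.php": true,
		"wp-content/uploads/2020/10/image.php":         false, // planted: PHP under uploads
	}
	for rel, isClean := range files {
		p := filepath.Join(root, filepath.FromSlash(rel))
		if err := os.MkdirAll(filepath.Dir(p), 0o755); err != nil {
			return err
		}
		if err := os.WriteFile(p, []byte("<?php // constructed sample file\n"), 0o644); err != nil {
			return err
		}
		if isClean {
			if err := os.Chtimes(p, clean, clean); err != nil {
				return err
			}
		}
	}
	return nil
}

func main() {
	root, err := os.MkdirTemp("", "wp-audit")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(root)
	since := time.Now().Add(-24 * time.Hour) // assumed last known-clean point
	if err := BuildSampleTree(root, since.Add(-24*time.Hour)); err != nil {
		panic(err)
	}
	active := map[string]bool{"akismet": true, "twentytwenty": true}
	findings, err := AuditWordPressTree(root, since, active)
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("%-45s %s\n", f.Path, f.Reason)
	}
}
```

On a real install, take the backup from Step Two first and then call `AuditWordPressTree` on the document root with your own `since` and active set. The time heuristic is only as good as your last-clean date and modification times can be reset, so an empty result means "nothing obvious", not "clean"; the inactive-directory check lists candidates for deletion, not confirmed backdoors.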

Protect Yourself for the Future

If you don’t already, invest in a reputable WordPress hosting service. If the budget allows, consider using managed hosting services for the best security and hacking prevention. Also, make sure that you have a backup option for your website so that you can back everything up before you begin the repair process.

While you might be able to manage most of the process, you should really call in the professionals for hacked WordPress repair. Hacking repair specialists will ensure that you get the results that you deserve and that your WordPress site is better protected against future threats.

Need an expert to repair your website? Contact us today by calling (833) SITE-FIX.

Resources
https://www.tripwire.com/state-of-security/security-awareness/fix-hacked-wordpress-site/
https://www.wpbeginner.com/beginners-guide/beginners-step-step-guide-fixing-hacked-wordpress-site/

OpenCart v3.0.3.2 Multiple Open Source Dependency Vulnerabilities

/work/OSD/repo/upload/admin/view/javascript/ckeditor/ckeditor.js
↳ ckeditor 4.9.1 has known vulnerabilities: severity: medium; summary: XSS if the enhanced image plugin is installed; https://ckeditor.com/blog/CKEditor-4.9.2-with-a-security-patch-released/ https://ckeditor.com/cke4/release-notes severity: medium; summary: XSS vulnerability in the HTML parser; https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released/ https://snyk.io/vuln/SNYK-JS-CKEDITOR-72618

/work/OSD/repo/upload/admin/view/javascript/jquery/jquery-3.3.1.min.js
↳ jquery 3.3.1 has known vulnerabilities: severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

/work/OSD/repo/upload/catalog/view/javascript/jquery/jquery-3.3.1.min.js
↳ jquery 3.3.1 has known vulnerabilities: severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

/work/OSD/repo/upload/install/view/javascript/jquery/jquery-2.1.1.min.js
↳ jquery 2.1.1 has known vulnerabilities: severity: medium; issue: 2432, summary: 3rd party CORS request may execute, CVE: CVE-2015-9251; https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/ https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: medium; CVE: CVE-2015-9251, issue: 11974, summary: parseHTML() executes scripts in event handlers; https://bugs.jquery.com/ticket/11974 https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

/work/OSD/repo/upload/admin/view/javascript/jquery/datetimepicker/bootstrap.min.js
↳ bootstrap 3.3.5 has known vulnerabilities: severity: high; issue: 28236, summary: XSS in data-template, data-content and data-title properties of tooltip/popover, CVE: CVE-2019-8331; https://github.com/twbs/bootstrap/issues/28236 severity: medium; issue: 20184, summary: XSS in data-target property of scrollspy, CVE: CVE-2018-14041; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in collapse data-parent attribute, CVE: CVE-2018-14040; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in data-container property of tooltip, CVE: CVE-2018-14042; https://github.com/twbs/bootstrap/issues/20184

/work/OSD/repo/upload/admin/view/javascript/jquery/flot/jquery.js
↳ jquery 1.8.3 has known vulnerabilities: severity: medium; CVE: CVE-2012-6708, bug: 11290, summary: Selector interpreted as HTML; http://bugs.jquery.com/ticket/11290 https://nvd.nist.gov/vuln/detail/CVE-2012-6708 http://research.insecurelabs.org/jquery/test/ severity: medium; issue: 2432, summary: 3rd party CORS request may execute, CVE: CVE-2015-9251; https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/ https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: medium; CVE: CVE-2015-9251, issue: 11974, summary: parseHTML() executes scripts in event handlers; https://bugs.jquery.com/ticket/11974 https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

/work/OSD/repo/upload/admin/view/javascript/jquery/flot/jquery.min.js
↳ jquery 1.8.3 has known vulnerabilities: severity: medium; CVE: CVE-2012-6708, bug: 11290, summary: Selector interpreted as HTML; http://bugs.jquery.com/ticket/11290 https://nvd.nist.gov/vuln/detail/CVE-2012-6708 http://research.insecurelabs.org/jquery/test/ severity: medium; issue: 2432, summary: 3rd party CORS request may execute, CVE: CVE-2015-9251; https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/ https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: medium; CVE: CVE-2015-9251, issue: 11974, summary: parseHTML() executes scripts in event handlers; https://bugs.jquery.com/ticket/11974 https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

/work/OSD/repo/upload/admin/view/javascript/jquery/jquery-ui/jquery-ui.js
↳ jquery-ui-dialog 1.11.4 has known vulnerabilities: severity: high; CVE: CVE-2016-7103, bug: 281, summary: XSS Vulnerability on closeText option; https://github.com/jquery/api.jqueryui.com/issues/281 https://nvd.nist.gov/vuln/detail/CVE-2016-7103 https://snyk.io/vuln/npm:jquery-ui:20160721
↳ jquery-ui-autocomplete 1.11.4
↳ jquery-ui-tooltip 1.11.4

/work/OSD/repo/upload/admin/view/javascript/jquery/jquery-ui/jquery-ui.min.js
↳ jquery-ui-dialog 1.11.4 has known vulnerabilities: severity: high; CVE: CVE-2016-7103, bug: 281, summary: XSS Vulnerability on closeText option; https://github.com/jquery/api.jqueryui.com/issues/281 https://nvd.nist.gov/vuln/detail/CVE-2016-7103 https://snyk.io/vuln/npm:jquery-ui:20160721
↳ jquery-ui-autocomplete 1.11.4

/work/OSD/repo/upload/catalog/view/javascript/jquery/datetimepicker/bootstrap.min.js
↳ bootstrap 3.3.5 has known vulnerabilities: severity: high; issue: 28236, summary: XSS in data-template, data-content and data-title properties of tooltip/popover, CVE: CVE-2019-8331; https://github.com/twbs/bootstrap/issues/28236 severity: medium; issue: 20184, summary: XSS in data-target property of scrollspy, CVE: CVE-2018-14041; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in collapse data-parent attribute, CVE: CVE-2018-14040; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in data-container property of tooltip, CVE: CVE-2018-14042; https://github.com/twbs/bootstrap/issues/20184

/work/OSD/repo/upload/install/view/javascript/bootstrap/js/bootstrap.js
↳ bootstrap 3.0.1 has known vulnerabilities: severity: high; issue: 28236, summary: XSS in data-template, data-content and data-title properties of tooltip/popover, CVE: CVE-2019-8331; https://github.com/twbs/bootstrap/issues/28236 severity: medium; issue: 20184, summary: XSS in data-target property of scrollspy, CVE: CVE-2018-14041; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in collapse data-parent attribute, CVE: CVE-2018-14040; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in data-container property of tooltip, CVE: CVE-2018-14042; https://github.com/twbs/bootstrap/issues/20184

/work/OSD/repo/upload/install/view/javascript/bootstrap/js/bootstrap.min.js
↳ bootstrap 3.0.1 has known vulnerabilities: severity: high; issue: 28236, summary: XSS in data-template, data-content and data-title properties of tooltip/popover, CVE: CVE-2019-8331; https://github.com/twbs/bootstrap/issues/28236 severity: medium; issue: 20184, summary: XSS in data-target property of scrollspy, CVE: CVE-2018-14041; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in collapse data-parent attribute, CVE: CVE-2018-14040; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in data-container property of tooltip, CVE: CVE-2018-14042; https://github.com/twbs/bootstrap/issues/20184

/work/OSD/repo/upload/admin/view/javascript/jquery/jquery-ui/external/jquery/jquery.js
↳ jquery 1.10.2 has known vulnerabilities: severity: medium; issue: 2432, summary: 3rd party CORS request may execute, CVE: CVE-2015-9251; https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/ https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: medium; CVE: CVE-2015-9251, issue: 11974, summary: parseHTML() executes scripts in event handlers; https://bugs.jquery.com/ticket/11974 https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

Laravel 5.8.10 Open Source Dependency Vulnerability

Located in /public/js/app.js

↳ jquery 3.3.1 has known vulnerabilities: severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

RetireJS Vulnerabilities Identified With RetireJS

I decided to scan RetireJS using its own codebase, and discovered the following issues in RetireJS:

/home/omi/clients/retire/firefox/test/web/dojo.js
↳ dojo 1.4.2 has known vulnerabilities: severity: medium; PR: 307; https://github.com/dojo/dojo/pull/307 https://dojotoolkit.org/blog/dojo-1-14-released

/home/omi/clients/retire/firefox/test/web/retire-example-0.0.1.js
↳ retire-example 0.0.1 has known vulnerabilities: severity: low; CVE: CVE-XXXX-XXXX, bug: 1234, summary: bug summary; http://github.com/eoftedal/retire.js/

/home/omi/clients/retire/firefox/test/web/retire-example.js
↳ retire-example 0.0.1 has known vulnerabilities: severity: low; CVE: CVE-XXXX-XXXX, bug: 1234, summary: bug summary; http://github.com/eoftedal/retire.js/

/home/omi/clients/retire/node/spec/tests/contentscan.spec.js
↳ jquery 1.8.1 has known vulnerabilities: severity: medium; CVE: CVE-2012-6708, bug: 11290, summary: Selector interpreted as HTML; http://bugs.jquery.com/ticket/11290 https://nvd.nist.gov/vuln/detail/CVE-2012-6708 http://research.insecurelabs.org/jquery/test/ severity: medium; issue: 2432, summary: 3rd party CORS request may execute, CVE: CVE-2015-9251; https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/ https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: medium; CVE: CVE-2015-9251, issue: 11974, summary: parseHTML() executes scripts in event handlers; https://bugs.jquery.com/ticket/11974 https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

The Art of Responding to Advisories, Responsible Patching, and Transparency with Users

Recently, I communicated 3 serious security vulnerabilities that affected a major Java-based CMS that powers.

I sent a message via e-mail, and they quickly released a “hot fix” that merely hid the vulnerable files behind their authentication system.

This is not an effective way to protect an application, because authenticated users are the highest-profile targets in an attack: whoever set out to exploit these vulnerabilities would most likely first obtain a legitimate user’s access through a spear-phishing scheme, and would then find the vulnerable code still in place behind the login.

What was most surprising was that none of these 3 security vulnerabilities were mentioned in the change log, and the most recent changelog entry that used the word “vulnerability” was a full major version old.

So, what does a security researcher do at this point?

Let’s try getting them on the phone and scheduling a time to work through proper remediation.