[GET] CodeCanyon - WP Feedback, Survey and Quiz Manager - Pro v 2.5.1

***lostinheaven*** · 04-25-2015, 12:24 AM

FSQM Pro a premium WordPress Form Builder, is a plugin which might make it simpler to buy Feedbacks, Surveys or host Quizes in your WordPress Weblog. Utilizing it, you will create limitless varieties with customized-made themes and gather shopper submissions. All shopper submissions are saved contained inside the database which you will analyze, edit and/or print. The customer might even monitor/see their submission (clearly as soon as it’s essential to) by means of an web net web page. Registered shoppers may need an choice to trace all their submission by means of a central net net web page.

Demo
http://codecanyon.net/item/wordpress-typ...rt/3180835

http://mediafire.com/vz5ni0j9y7l7/Fsqm v2.5.1.rar

SHA256: eb6404a48a95732e950747dbbe6a7c49c272c7086ccde9d6ba13a2d1c118a39d
File name: Fsqm v2.5.1
Detection ratio: 0 / 48

***cormancd*** · 04-25-2015, 01:21 AM

Nice Share Bro ...

***sohomnet*** · 04-25-2015, 01:46 AM

Nice share.....
Rep added

***bimple*** · (This post was last modified: 04-25-2015 08:31 PM by bimple.)

MALICIOUS CODE FOUND -
maintenance Report - Malware code scanner ver 1.0 (10-2)

Date of Execution : 24-04-2015
time of Exectuion : 15:49:4:42
Start time stamp : 1429890582.87
End time stamp : 1429890598.63
Total Execution time : 15.7651

Website :
Base Directory : .././
Total Directories scanned : 319
Total files scanned : 1181
Total files with Malware inserted code : 1
Total files with Malware inserted code Cleaned : 1

*NOTE: Change all access codes: FTP passwords, website admin passwords, Authentication salts

Files infected:
.././/wp-content/plugins/wp-fsqm-pro/classes/class-ipt-fsqm-form-elements-data.php

HERE IS THE CLEANED FILE (PLUG-IN ONLY) WITH MALICIOUS CODE FOUND ABOVE REMOVED:

Code:

I REMOVED THE LINK SINCE NOBODY HERE SEEMED TO APPRECIATE MY EFFORTS IN CLEANING THE PLUGIN

***lostinheaven*** · 04-25-2015, 09:09 AM

Hey, stop promoting your s*** files, saying that it's infected Angry

I've checked you are doing this in other posts, as you could see
there's a virustotal and 0 virus..

(04-25-2015 01:52 AM)bimple Wrote: MALICIOUS CODE FOUND -
maintenance Report - Malware code scanner ver 1.0 (10-2)

Date of Execution : 24-04-2015
time of Exectuion : 15:49:4:42
Start time stamp : 1429890582.87
End time stamp : 1429890598.63
Total Execution time : 15.7651

Website :
Base Directory : .././
Total Directories scanned : 319
Total files scanned : 1181
Total files with Malware inserted code : 1
Total files with Malware inserted code Cleaned : 1

*NOTE: Change all access codes: FTP passwords, website admin passwords, Authentication salts

Files infected:
.././/wp-content/plugins/wp-fsqm-pro/classes/class-ipt-fsqm-form-elements-data.php

HERE IS THE CLEANED FILE (PLUG-IN ONLY) WITH MALICIOUS CODE FOUND ABOVE REMOVED:

Code:

http://www81.zippyshare.com/v/KgNbsRTz/file.html

***Batmans*** · (This post was last modified: 04-25-2015 10:09 AM by Batmans.)

Very nice share. Just wondering is this purchased or from somewhere else? This looks worth buy and that's exactly what I'm going to do.

Thank you for bringing this to my attention. Super script!

BATMAN

***quaramo*** · 04-25-2015, 10:05 AM

bimple there's no real difference between lostinheaven's files and yours

***bimple*** · (This post was last modified: 04-25-2015 12:55 PM by bimple.)

Hey stop pretending that the files aren't infected with malicious scripting that wont get picked up in virustotal. Try this - download the original file that is posted, not the one that I posted that is clean, and run it on your live site - have fun. I don't really give a sh*t if you do. I do however care that this stuff is being reposted as VIRUSTOTAL clean, and people assume that means that there is no malicious code anywhere in the file - bullpuckey. Codecanyon recently released a notice regarding the fact that many of their plugins contain harmful code that can be used maliciously - the code wasn't put there maliciously, but it can be used by hackers. Just like the timthumb exploit. If you want to go around using plugins that you download for free and feel there will be no consequences then you are foolish, because people do insert code in to the files that are shared.

I uploaded the files to my test install, and then ran WP Security Hero on the plugin, and it discovered and cleaned the malicious code, in the places that were stated on the scan.

Sorry if it bursts your ego bubble etc, but facts is facts.

(04-25-2015 09:09 AM)lostinheaven Wrote: Hey, stop promoting your s*** files, saying that it's infected
I've checked you are doing this in other posts, as you could see
there's a virustotal and 0 virus..

(04-25-2015 01:52 AM)bimple Wrote: MALICIOUS CODE FOUND -
maintenance Report - Malware code scanner ver 1.0 (10-2)

Date of Execution : 24-04-2015
time of Exectuion : 15:49:4:42
Start time stamp : 1429890582.87
End time stamp : 1429890598.63
Total Execution time : 15.7651

Website :
Base Directory : .././
Total Directories scanned : 319
Total files scanned : 1181
Total files with Malware inserted code : 1
Total files with Malware inserted code Cleaned : 1

*NOTE: Change all access codes: FTP passwords, website admin passwords, Authentication salts

Files infected:
.././/wp-content/plugins/wp-fsqm-pro/classes/class-ipt-fsqm-form-elements-data.php

HERE IS THE CLEANED FILE (PLUG-IN ONLY) WITH MALICIOUS CODE FOUND ABOVE REMOVED:

Code:

http://www81.zippyshare.com/v/KgNbsRTz/file.html

go ahead and believe that if you want. I don't give a crap. I am aware that many of these files contain exploits, so I cleaned them and re-upped them. Don't worry, I won't be doing that service any longer, thanks to people like you and the other inconsiderate and unappreciative types.

(04-25-2015 10:05 AM)quaramo Wrote: bimple there's no real difference between lostinheaven's files and yours

***NotSo Invisible*** · (This post was last modified: 04-25-2015 02:19 PM by NotSo Invisible.)

(04-25-2015 01:52 AM)bimple Wrote: MALICIOUS CODE FOUND -
maintenance Report - Malware code scanner ver 1.0 (10-2)

Date of Execution : 24-04-2015
time of Exectuion : 15:49:4:42
Start time stamp : 1429890582.87
End time stamp : 1429890598.63
Total Execution time : 15.7651

Website :
Base Directory : .././
Total Directories scanned : 319
Total files scanned : 1181
Total files with Malware inserted code : 1
Total files with Malware inserted code Cleaned : 1

*NOTE: Change all access codes: FTP passwords, website admin passwords, Authentication salts

Files infected:
.././/wp-content/plugins/wp-fsqm-pro/classes/class-ipt-fsqm-form-elements-data.php

HERE IS THE CLEANED FILE (PLUG-IN ONLY) WITH MALICIOUS CODE FOUND ABOVE REMOVED:

Code:

http://www81.zippyshare.com/v/KgNbsRTz/file.html

What are you talking about?
The "Offending" code is exactly this:

Code:

line 3670            <?php

line 3671            ?>

Nothing but a beginning php and ending php. While that may not be desirable for clean code, it does NOTHING.

In your vast experience where have you managed to come up with those tags being "malware or malicious"?

I would suggest there be further enlightening on your part because you are attempting to damage someone's reputation here on BBHF and some of us who pay attention will call you out for it. If you believe those tags are malicious, then maybe you should be more a browser than a participant.

And your claim that "I am aware that many of these files contain exploits, so I cleaned them and re-upped them." is absolutely false. The files are exactly the same throughout the entire plugin except for the file you named above. And the only difference between your file and the OP file is what I pointed out.

***qsuccess*** · 04-25-2015, 03:02 PM

@lostinheaven Thxs! +5Reps It's free to use WP Security Hero: http://bestblackhatforum.com/showthread....pid1213235 ;-)