This would be a great addition if it were 100% clean, but the VT says:
1 detection = VEX3110.Webshell
With all the warnings seen here about Webshell and the bad stuff it can allow to WP sites, this is rather alarming ?!?
The specific file containing the offensive code is: style.css.php
I've read through it as well as all the other PHP files in the archive and could not find anything pointing to another server.
Perhap someone here who is well versed in PHP may be able to pinpoint how to remove the offending code from that file ??
I will wait update on this thread as this would be good if confirmed to be clean
(08-08-2018 10:18 AM)smithnowt Wrote: [ -> ]This would be a great addition if it were 100% clean, but the VT says: 1 detection = VEX3110.Webshell
To be fair, that is the
ONLY "positive" for the file and it's from Bkav - who are an anti-virus company from Vietnam (and a company most people have probably never heard of - I hadn't!)
The other 57/58 anti-virus companies (including ALL the "Top 10" major providers) indicate the file is perfectly safe.
FWIW, Bkav seems to identify an awful lot of files as having "webshells" - even when you download them directly from trusted developers websites.
(09-26-2018 03:56 AM)kirstie Wrote: [ -> ] (08-08-2018 10:18 AM)smithnowt Wrote: [ -> ]This would be a great addition if it were 100% clean, but the VT says: 1 detection = VEX3110.Webshell
To be fair, that is the ONLY "positive" for the file and it's from Bkav - who are an anti-virus company from Vietnam (and a company most people have probably never heard of - I hadn't!)
The other 57/58 anti-virus companies (including ALL the "Top 10" major providers) indicate the file is perfectly safe.
FWIW, Bkav seems to identify an awful lot of files as having "webshells" - even when you download them directly from trusted developers websites.
You wrong! BKAV AV is very popular in Vietnam. It's "Windows Killer" - If you use BKAV AV scan an empty folder, it can show ton of viruses in result, it's genius!
If you never heard:
BKAV company is IT legend in Vietnam, in next weeks, they will launch a smartphone call Bphone version 3 - 'iPhone Killer'. In Vietnam, they call it with the name 'BOOM Phone', because the CEO of BKAV is Nguyen Tu Quang or 'Quang Boom' - a legend boaster in Vietnam.
PS: When scan with VT, dont care about results of BKAV and Rising, they usually show viruses when I scan many themes download directly from Themeforest, pullshit AV softwares!
Fascinating result here !!:
(09-26-2018 12:48 AM)JustJim Wrote: [ -> ]http://www.shelldetector.com/file/20c1bc...452b8514cf
It says=>
Quote:Automated proccess indicate this file as SAFE TO USE
It also shows the BKAV result, but ignores it, wow.
It also says this at the very bottom:
Quote:Automated scanning service provided by virustotal.com
So in essence it is just a repeat of the VT result by the looks of it ??
Not a repeat of the VT results. I just ran the single php file.
(09-26-2018 01:54 PM)smithnowt Wrote: [ -> ]Fascinating result here !!:
(09-26-2018 12:48 AM)JustJim Wrote: [ -> ]http://www.shelldetector.com/file/20c1bc...452b8514cf
It says=>
Quote:Automated proccess indicate this file as SAFE TO USE
It also shows the BKAV result, but ignores it, wow.
It also says this at the very bottom:
Quote:Automated scanning service provided by virustotal.com
So in essence it is just a repeat of the VT result by the looks of it ??
![[Image: wqaXjlR.png]](https://i.imgur.com/wqaXjlR.png)