Top

Author Archive | admin

Install cPanel and cPGuard to CentOS 7.x

This tutorial we installing cPanel server with cPGuard plugin. First need fresh minimal install of CentOS. Installation Requirements Minimum of 1 GB RAM (but 2 GB recommended). At least 20GB of free disk space (but 40 GB recommended). A valid cPanel license. Standard hostname (FQDN or Fully Qualified Domain Name) Perl Please note: Once you […]

Continue Reading

Rootkits

As malware go, rootkits are one of the more nasty ones. They are difficult to detect and are capable of causing more serious damage to any system they are installed in. What is a rootkit? Essentially, a rootkit is a software application designed to provide privileged access (hence the “root” in the name) to a […]

Continue Reading

wp-crawl.php

WordPress Duplicator version below <1.2.42 have Remote Code Execution (RCE) vulnerability, which allow modify wp-config.php file and inject malicious PHP code in there. Vulnerable code in this case isn’t present within the Duplicator plugin directory itself. The flaw becomes exposed when using Duplicator to migrate or restore a backed-up copy of a WordPress site. Reminder […]

Continue Reading

Drupal – Remote Code Execution (SA-CORE-2018-004 / CVE-2018-7602) nicknamed Drupalgeddon 3

This vulnerability discovered Drupal security team one weeks ago, a highly critical (20/25 NIST rank), (SA-CORE-2018-004 / CVE-2018-7602) nicknamed Drupalgeddon 3. This vulnerability continues Drupalgeddon 2 and allow an unauthenticated attacker to perform remote code execution. An exploitation method was published a few days ago for this vulnerability which allows attacker in the server execute […]

Continue Reading

Drupal – Remote Code Execution (SA-CORE-2018-002 / CVE-2018-7600) nicknamed Drupalgeddon 2

This vulnerability discovered Drupal security team two weeks ago, a highly critical (25/25 NIST rank), (SA-CORE-2018-002 / CVE-2018-7600) nicknamed Drupalgeddon 2. This vulnerability allowed an unauthenticated attacker to perform remote code execution. An exploitation method was published a few days ago for this vulnerability which allows attacker in the server execute any code with user […]

Continue Reading

Disable Theme and Plugin Editors from WordPress

This is a big problem, if customer using very weak password’s with default username’s like admin/administrator and etc. Even if you don’t use default username you can get it very easily. Get WordPress username https://wordpress.site/?author=1 This redirects your correct username author page and you can get easily correct username which is probably admin user. If […]

Continue Reading

Website backdoors with $variable functions

When a website is compromised, attackers frequently leave behind a backdoor – which is PHP code in a new file or injected PHP code to file that already on the server. These backdoors are not designed to attack a website or destroy data. Typically they allow an attacker to re-enter a targeted website with little […]

Continue Reading

cPGuard Security Suite for cPanel Servers – Now Offers Automatic Virus cleanup [ Beta ]

New version of cPGuard provides an exciting option to clean the file injections automatically and to restore the original file after removing the injection. Advantages of the particular option are 1. Prevent abusing the exploit further 2. Prevent website down due to the injected code 3. Reduce admin efforts to restore website after removing file […]

Continue Reading

PHP File upload vulnerabilities

Why PHP File Upload vulnerabilities is a Major Security problem ? There are lots of Web sites, which using some kind Content Management Systems (CMS), like WordPress, Joomla and etc., where an ability upload content like text, images and so on. There is no nothing bad for this, but there are also a lot of […]

Continue Reading

Decode signatures with Sigtool

When you are scanning malware example ClamAV or Maldet from files in server and get positive hit, you may difficult find where has injected code in the file. For decoding signature you can use ClamAV sigtool command line tool. This will help you find the right position from infected file and remove malware code. Positive […]

Continue Reading