File Manager

X7ROOT File Manager

Current Path: /home/socmnuxr

📁 ..
📁 .cagefs
📁 .caldav
📁 .cl.selector
📁 .cpanel
📁 .htpasswds
📄 .imunify_patch_id(106 B)
📄 .last.inodes(2.08 KB)
📄 .lastlogin(594 B)
📄 .myimunify_id(102 B)
📁 .nc_plugin
📁 .softaculous
📄 .spbldr_localStorage(83 B)
📁 .trash
📁 _wildcard_.one-11hotel.com
📁 backend
📁 etc
📁 htdocs
📁 logs
📁 lscache
📁 mail
📁 public_ftp
📁 public_html
📄 scanreport-socmnuxr-Oct_02_2024_05h14m.txt(16.81 KB)
📁 tmp
📁 www

Editing: scanreport-socmnuxr-Oct_02_2024_05h14m.txt

----------- SCAN REPORT -----------
TimeStamp: Wed, 2 Oct 2024 05:14:07 -0400
(/usr/sbin/cxs --background --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 50000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --noprobability --qoptions Mv --report /home/socmnuxr/scanreport-socmnuxr-Oct_02_2024_05h14m.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user socmnuxr --virusscan --vmrssmax 2000000 --waitscan 0 --xtra /etc/cxs/cxs.xtra.manual)

Scanning /home/socmnuxr:

'/home/socmnuxr/.nc_plugin/hidden'
# World writeable directory

'/home/socmnuxr/.trash/index.php.2'
# Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P2225]]

'/home/socmnuxr/.trash/index.php.3'
# Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P2225]]

'/home/socmnuxr/backend/public/d4a4bcaa/logo.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1900]]

'/home/socmnuxr/backend/public/d4a4bcaa/d4a4bcaa/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/d4a4bcaa/d4a4bcaa/d4a4bcaa/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/d4a4bcaa/d4a4bcaa/d4a4bcaa/d4a4bcaa/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/images/images/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/js__d28417e/js__d28417e/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/js__d28417e/js__d28417e/js__d28417e/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/js__d28417e/js__d28417e/js__d28417e/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]]

'/home/socmnuxr/backend/public/metronic__d28417e/js/custom/apps/calendar/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/metronic__d28417e/js/custom/apps/invoices/item.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/metronic__d28417e/media/svg/illustrations/illustrations/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/metronic__d28417e/media/svg/illustrations/illustrations/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]]

'/home/socmnuxr/backend/public/metronic__d28417e/media/svg/illustrations/sigma/mah.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/metronic__d28417e/media/svg/svg/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/metronic__d28417e/media/svg/svg/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P2189]]

'/home/socmnuxr/backend/public/metronic__d28417e/plugins/global/fonts/fonticon/network.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/metronic__d28417e/plugins/global/fonts/fonticon/fonticon/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/a/d/g/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP EVAL Exploit [P2185]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/a/d/h/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP RFI Exploit [P2060]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/a/g/d/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Site Defacer [P0020]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/b/d/a/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1942]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/c/a/a/index.php'
# Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P1580]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/c/a/c/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/c/b/h/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/c/e/c/function.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/d/b/a/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/d/d/b/mah.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/e/a/g/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/e/e/f/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/e/f/d/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P2171]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/e/g/f/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP EVAL Exploit [P2185]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/f/b/h/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/f/c/d/index.php'
# ClamAV detected virus = [{HEX}php.base64.inject.182.UNOFFICIAL]

'/home/socmnuxr/backend/public/well-known/acme-challenge/f/d/g/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [{1954]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/f/g/b/c/djpuexozmyf.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/f/g/b/c/kdhavelxqiz.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/g/b/e/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/g/c/e/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1822]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/g/e/d/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/g/g/h/index.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1900]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/g/h/h/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/h/a/a/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/h/b/b/plugin.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P0241]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/h/b/g/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/acme-challenge/h/g/a/index.php'
# Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P2071]]

'/home/socmnuxr/backend/public/well-known/pki-validation/a/b/b/index.php'
# ClamAV detected virus = [TO-24771.WEBSHELL.ontent_php.MD5-5c914e3493d7b02faf78530a09a73da4.size-13133.UNOFFICIAL]

'/home/socmnuxr/backend/public/well-known/pki-validation/a/b/e/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/a/c/f/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/a/d/h/index.php'
# Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P1580]]

'/home/socmnuxr/backend/public/well-known/pki-validation/a/f/c/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/a/f/e/item.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/a/f/g/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P2103]]

'/home/socmnuxr/backend/public/well-known/pki-validation/a/f/h/index.php'
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1900]]

'/home/socmnuxr/backend/public/well-known/pki-validation/a/h/a/c/chemznijryu.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]]

'/home/socmnuxr/backend/public/well-known/pki-validation/a/h/a/c/qfkjirgzdvc.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Excess EVAL Exploit [P1924]]

'/home/socmnuxr/backend/public/well-known/pki-validation/b/a/f/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/b/b/e/defaults.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P2163]]

'/home/socmnuxr/backend/public/well-known/pki-validation/b/e/h/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/b/f/f/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2188]]

'/home/socmnuxr/backend/public/well-known/pki-validation/c/d/a/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/c/d/b/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/d/a/a/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/d/c/d/defaults.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/d/e/a/click.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/d/e/e/function.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/d/g/a/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/d/g/c/item.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/e/a/a/index.php'
# ClamAV detected virus = [{HEX}php.cmdshell.rgod.363.UNOFFICIAL]

'/home/socmnuxr/backend/public/well-known/pki-validation/e/b/c/index.php'
# Known exploit = [Fingerprint Match (fp)] [RFI Exploit [P1419]]

'/home/socmnuxr/backend/public/well-known/pki-validation/e/c/b/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/e/d/a/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/e/h/e/index.php'
# ClamAV detected virus = [{HEX}php.base64.inject.182.UNOFFICIAL]

'/home/socmnuxr/backend/public/well-known/pki-validation/f/a/d/index.php'
# ClamAV detected virus = [{HEX}php.base64.inject.182.UNOFFICIAL]

'/home/socmnuxr/backend/public/well-known/pki-validation/f/a/g/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/f/b/h/options.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/f/g/c/index.php'
# ClamAV detected virus = [YARA.spam_mailer.UNOFFICIAL]

'/home/socmnuxr/backend/public/well-known/pki-validation/f/g/f/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/f/g/h/index.php'
# Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P1978]]

'/home/socmnuxr/backend/public/well-known/pki-validation/f/h/e/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/g/b/c/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/g/d/b/network.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/g/d/h/mah.php'
# Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P1978]]

'/home/socmnuxr/backend/public/well-known/pki-validation/g/g/b/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/g/h/f/index.php'
# (decoded file [advanced decoder: 9 (depth: 1)]) ClamAV detected virus = [{HEX}php.cmdshell.egyspider.244.UNOFFICIAL]

'/home/socmnuxr/backend/public/well-known/pki-validation/h/a/a/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Upload Exploit [P2198]]

'/home/socmnuxr/backend/public/well-known/pki-validation/h/a/b/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/h/b/h/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/well-known/pki-validation/h/e/b/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/wp-admin/options.php'
# Known exploit = [Fingerprint Match (fp)] [PHP RFI Exploit [P2060]]

'/home/socmnuxr/backend/public/wp-admin/plugin.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/wp-admin/wp-admin/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/wp-admin/wp-admin/index.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2195]]

'/home/socmnuxr/backend/public/wp-admin/wp-admin/wp-admin/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/wp-admin/wp-admin/wp-admin/wp-admin/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/wp-content/about.php'
# Known exploit = [Fingerprint Match (md5)] [PHP Exploit]

'/home/socmnuxr/backend/public/wp-content/defaults.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/wp-content/function.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/wp-content/network.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/wp-content/plugin.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/wp-content/zllsphp'
# Known exploit = [Fingerprint Match (md5)] [PHP Exploit]

'/home/socmnuxr/backend/public/wp-content/wp-content/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/wp-content/wp-content/wp-content/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/wp-includes/click.php'
# Known exploit = [Fingerprint Match (fp)] [Hacker Sig Exploit [P1978]]

'/home/socmnuxr/backend/public/wp-includes/options.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2222]]

'/home/socmnuxr/backend/public/wp-includes/plugin.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P1822]]

'/home/socmnuxr/backend/public/wp-includes/product.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1942]]

'/home/socmnuxr/backend/public/wp-includes/Text/Diff/Engine/Engine/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/socmnuxr/backend/public/wp-includes/wp-includes/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/wp-includes/wp-includes/wp-includes/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/wp-includes/wp-includes/wp-includes/wp-includes/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/socmnuxr/backend/public/wp-includes/wp-includes/wp-includes/wp-includes/wp-includes/cache.php'
# Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

----------- SCAN SUMMARY -----------
Scanned directories: 4891
Scanned files: 916
Ignored items: 10
Suspicious matches: 118
Viruses found: 7
Fingerprint matches: 106
Data scanned: 43.56 MB
Scan peak memory: 393940 kB
Scan time/item: 0.005 sec
Scan time: 26.551 sec

X7ROOT File Manager

Editing: scanreport-socmnuxr-Oct_02_2024_05h14m.txt

Upload File

Create Folder