too many false positive.

nonchiedercilaparola
(@nonchiedercilaparola)

8 years, 8 months ago

hi, i scanned my site and db with exploit scanner and i discovered several infections that i clean but i get also several false positive:

Level Severe (28 matches)

wp-content/plugins/contact-form-7/includes/js/scripts.js:120
Often used to execute malicious code $.each(data.onSentOk, function(i, n) { eval(n) });
wp-content/plugins/contact-form-7/includes/js/scripts.js:132
Often used to execute malicious code $.each(data.onSubmit, function(i, n) { eval(n) });
wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js:11
Often used to execute malicious code e?t:null},C=e.parseJSON||function(e){return window.eval(“(“+e+”)”)},_=function(t,r,a){var n=t.getRespon
wp-content/plugins/eshop/webtopay.php:178
Used by malicious scripts to decode previously obscured data/programs $ok = openssl_verify($_SS2, base64_decode($_GET[‘wp__ss2’]), $pKey);
wp-content/plugins/exec-php/docs/readme.html:80
Often used to execute malicious code #evalerror”>Why does the plugin fail with an eval() error when executing my code?
wp-content/plugins/exec-php/docs/readme.html:141
Often used to execute malicious code tp://de.php.net/manual/en/function.eval.php”>eval() function. This requires that the e
wp-content/plugins/exec-php/docs/readme.html:355
Often used to execute malicious code “evalerror”>Why does the plugin fail with an eval() error when executing my code?</h5>
wp-content/plugins/exec-php/docs/readme.html:356
Often used to execute malicious code ontent/plugins/exec-php/includes/runtime.php(42) : eval()’d code on line 666′ then it’s time t
wp-content/plugins/exec-php/docs/readme-de_DE.html:80
Often used to execute malicious code
wp-content/plugins/exec-php/docs/readme-de_DE.html:141
Often used to execute malicious code tp://de.php.net/manual/en/function.eval.php”>eval() übergibt. Das setzt allerdings vo
wp-content/plugins/exec-php/docs/readme-de_DE.html:357
Often used to execute malicious code
wp-content/plugins/exec-php/docs/readme-de_DE.html:358
Often used to execute malicious code ontent/plugins/exec-php/includes/runtime.php(42) : eval()’d code on line 666′ bekommst, dann i
wp-content/plugins/exec-php/includes/runtime.php:42
Often used to execute malicious code eval(“?>$content<?php “);
wp-content/plugins/exec-php/js/admin.js:34
Often used to execute malicious code eval(g_execphp_ajax.response);
wp-content/plugins/maintenance-mode/inc.swg-plugin-framework.php:555
Used by malicious scripts to decode previously obscured data/programs $content = base64_decode($resources[ $_GET[‘resource’] ]);
wp-content/plugins/exploit-scanner/readme.txt:33
Often used to execute malicious code * Fixed the eval() check incorrectly matching function names tha
wp-content/plugins/exploit-scanner/readme.txt:80
Often used to execute malicious code * Fixed the eval() check incorrectly matching function names tha
wp-content/plugins/wordfence/js/jquery.dataTables.min.js:113
Often used to execute malicious code ‘”‘)):eval(“(“+d+”)”)}catch(e){return}d=0;for(f=a.aoStateL
wp-content/plugins/wordfence/js/jquery.dataTables.min.js:115
Often used to execute malicious code f(a[j].indexOf(d)!=-1){var m=a[j].split(“=”);try{h=eval(“(“+decodeURIComponent(m[1])+”)”)}catch(u){cont
wp-content/plugins/wordfence/lib/wordfenceScanner.php:218
Often used to execute malicious code rd ‘” . $badStringFound . “‘ (without quotes). The eval() function along with an encoding function like
wp-content/plugins/xcloner-backup-and-restore/classes/phpseclib/Crypt/RSA.php:822
Used by malicious scripts to decode previously obscured data/programs g_match(‘#^[a-zA-Z\d/+]*={0,2}$#’, $ciphertext) ? base64_decode($ciphertext) : false;
wp-content/plugins/xcloner-backup-and-restore/classes/phpseclib/Crypt/RSA.php:860
Used by malicious scripts to decode previously obscured data/programs preg_match(‘#^[a-zA-Z\d/+]*={0,2}$#’, $decoded) ? base64_decode($decoded) : false;
wp-content/plugins/xcloner-backup-and-restore/classes/phpseclib/Crypt/RSA.php:965
Used by malicious scripts to decode previously obscured data/programs $key = base64_decode(preg_replace(‘#^ssh-rsa | .+$#’, ”, $key));
wp-content/plugins/xcloner-backup-and-restore/classes/phpseclib/Crypt/RSA.php:1015
Used by malicious scripts to decode previously obscured data/programs $public = base64_decode(implode(”, array_map(‘trim’, array_slice($key,
wp-content/plugins/xcloner-backup-and-restore/classes/phpseclib/Crypt/RSA.php:1023
Used by malicious scripts to decode previously obscured data/programs $private = base64_decode(implode(”, array_map(‘trim’, array_slice($key,
wp-content/plugins/xcloner-backup-and-restore/classes/phpseclib/Crypt/RSA.php:1127
Used by malicious scripts to decode previously obscured data/programs $this->current = new Math_BigInteger(base64_decode($this->current), 256);
wp-content/plugins/xcloner-backup-and-restore/javascript/main.js:33
Often used to execute malicious code cb = eval( ‘f.’ + fldName + ” + i );
wp-content/themes/borronieassociati/thumb.php:221
Used by malicious scripts to decode previously obscured data/programs $imgData = base64_decode(“R0lGODlhUAAMAIAAAP8AAP///yH5BAAHAP8ALAAAAABQAA

now what have i do?

https://wordpress.org/plugins/exploit-scanner/

The topic ‘too many false positive.’ is closed to new replies.