Avast Community

Hacked website and IP been taken down?

Viruses and worms

polonus January 8, 2016, 11:26am 1

See: http://killmalware.com/mercurysofttech.in/#
See: http://whois.domaintools.com/mercurysofttech.in
See: http://toolbar.netcraft.com/site_report?url=http://mercurysofttech.in & http://toolbar.netcraft.com/site_report?url=http://192.185.103.47
Scanner output:
Scanning http://192.185.103.47/404.html …
Script loaded: http://code.jquery.com/jquery-1.9.1.js
Script loaded: http://192.185.103.47/cgi-sys/js/simple-expand.min.js
Status: success
Detected library: jquery - 1.9.1
Load time: 2137ms
Consider: http://www.domxssscanner.com/scan?url=http%3A%2F%2F192.185.103.47%2Fcgi-sys%2Fjs%2Fsimple-expand.min.js
Exploitable code: https://www.asafety.fr/vuln-exploit-poc/xss-rce-ipcop-2-1-4-remote-command-execution/

polonus

Announcements