JoomSky

Member since: 2014-08-22
Location:
Employer: Joom Sky
Job title:
Authored: 4 (1 closed)
SVN commit access: 3 (1 closed)
Readme contributor: 0
Combined install base: 8k+ across 4 plugins

Alerts (0)

No open alerts.

Resolved alerts (1)

High · update_hijack_shape · JS Help Desk – AI-Powered Support & Ticketing System · Resolved · audit:suspicious · 21d ago

Slug: js-support-ticket
Shape: eval_after_remote_call
File: modules/proinstaller/controller.php
Line: 69
Snippet: $response = curl_exec($ch); ... eval($response);
Remote URL: https://setup.joomsky.com/jsticketwp/pro/index.php
Remote URL obfuscation: base64-encoded JCONSTINST constant in includes/includer.php:71
SSL verify: no
Vendor: JoomSky / rabilal
Active installs: 8,000
Current response payload: echo Please download new installer from www.joomsky.com
Audit rationale: Vendor-shipped permanent eval(remote-PHP) primitive: SSL verification disabled, URL base64-encoded in source. Server response is benign today but the architecture is a fully-armed update-hijack vector affecting 8000 installs.
Discovered by: wp beacon hunt-updaters (eval_after_remote_call pattern)
Raw JSON:
{
    "slug": "js-support-ticket",
    "shape": "eval_after_remote_call",
    "file": "modules/proinstaller/controller.php",
    "line": 69,
    "snippet": "$response = curl_exec($ch); ... eval($response);",
    "remote_url": "https://setup.joomsky.com/jsticketwp/pro/index.php",
    "remote_url_obfuscation": "base64-encoded JCONSTINST constant in includes/includer.php:71",
    "ssl_verify": false,
    "vendor": "JoomSky / rabilal",
    "active_installs": 8000,
    "current_response_payload": "echo Please download new installer from www.joomsky.com",
    "audit_rationale": "Vendor-shipped permanent eval(remote-PHP) primitive: SSL verification disabled, URL base64-encoded in source. Server response is benign today but the architecture is a fully-armed update-hijack vector affecting 8000 installs.",
    "discovered_by": "wp beacon hunt-updaters (eval_after_remote_call pattern)"
}

Plugins authored (4)

| Plugin | Version | Installs | Last updated | Status |
|---|---|---|---|---|
| JS Help Desk – AI-Powered Support & Ticketing System · js-support-ticket | 3.0.8 | 8k+ | 25d ago | Active |
| JS Job Manager · js-jobs | 2.0.2 | 100 | 6mo ago | Active |
| WP Learn Manager · learn-manager | 1.1.8 | 10 | 4y ago | Active |
| WP Vehicle Manager · js-vehicle-manager | 1.1.8 | | | Closed |

SVN commit access (3)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

| Plugin | Primary author | Installs | Commits | First | Latest | Status |
|---|---|---|---|---|---|---|
| JS Job Manager | rabilal | 100 | 119 | 9y ago | 6mo ago | Active |
| WP Vehicle Manager | rabilal | | 37 | 8y ago | 4y ago | Closed |
| JS Help Desk – AI-Powered Support & Ticketing System | rabilal | 8k+ | 1 | 11y ago | 25d ago | Active |