JoomSky

Member since: 2014-08-22
Location:
Employer: Joom Sky
Job title:
Authored: 4 (1 closed)
SVN commit access: 3 (1 closed)
Readme contributor: 0
Combined install base: 7k+ across 4 plugins

Alerts (0)

No open alerts.

Show 3 resolved alerts
Critical code_pattern JS Job Manager Resolved · audit:suspicious 1mo ago
Slug: js-jobs
Pattern: setup.joomsky.com
Kind: ioc:domain
Version: 2.0.2
Hit count: 5
First hit
File: includes/includer.php
Line: 102
Snippet: define('JCONSTV', 'https://setup.joomsky.com/jsjobswp/pro/index.php');
Explanation
View raw JSON
{
    "slug": "js-jobs",
    "pattern": "setup.joomsky.com",
    "kind": "ioc:domain",
    "version": "2.0.2",
    "hit_count": 5,
    "first_hit": {
        "file": "includes/includer.php",
        "line": 102,
        "snippet": "define('JCONSTV', 'https://setup.joomsky.com/jsjobswp/pro/index.php');"
    },
    "explanation": null
}
High code_scan_delta JS Help Desk – AI-Powered Support & Ticketing System Resolved · benign_legit_cdn_or_legacy_function 1mo ago
Slug: js-support-ticket
Previous version: 3.0.8
Current version: 3.1.0
New findings
Pattern: remote_enqueue
Kind: builtin
File: modules/jssupportticket/tpls/userregister.php
Line: 5
Snippet: wp_enqueue_script( 'ticket-recaptcha', 'https://www.google.com/recaptcha/api.js', array(), jssupportticket::$_config['productversion'], true );
Confidence: medium
Url: https://www.google.com/recaptcha/api.js
Url host: www.google.com
Pattern: remote_enqueue
Kind: builtin
File: modules/jssupportticket/tpls/userregister.php
Line: 142
Snippet: wp_enqueue_script( 'ticket-recaptcha', 'https://www.google.com/recaptcha/api.js', array(), jssupportticket::$_config['productversion'], true );
Confidence: medium
Url: https://www.google.com/recaptcha/api.js
Url host: www.google.com
Pattern: remote_enqueue
Kind: builtin
File: modules/ticket/tpls/addticket.php
Line: 5
Snippet: wp_enqueue_script( 'ticket-recaptcha', 'https://www.google.com/recaptcha/api.js', array(), jssupportticket::$_config['productversion'], true );
Confidence: medium
Url: https://www.google.com/recaptcha/api.js
Url host: www.google.com
New finding count: 3
View raw JSON
{
    "slug": "js-support-ticket",
    "previous_version": "3.0.8",
    "current_version": "3.1.0",
    "new_findings": [
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "modules/jssupportticket/tpls/userregister.php",
            "line": 5,
            "snippet": "wp_enqueue_script( 'ticket-recaptcha', 'https://www.google.com/recaptcha/api.js', array(), jssupportticket::$_config['productversion'], true );",
            "confidence": "medium",
            "details": {
                "url": "https://www.google.com/recaptcha/api.js",
                "url_host": "www.google.com"
            }
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "modules/jssupportticket/tpls/userregister.php",
            "line": 142,
            "snippet": "wp_enqueue_script( 'ticket-recaptcha', 'https://www.google.com/recaptcha/api.js', array(), jssupportticket::$_config['productversion'], true );",
            "confidence": "medium",
            "details": {
                "url": "https://www.google.com/recaptcha/api.js",
                "url_host": "www.google.com"
            }
        },
        {
            "pattern": "remote_enqueue",
            "kind": "builtin",
            "file": "modules/ticket/tpls/addticket.php",
            "line": 5,
            "snippet": "wp_enqueue_script( 'ticket-recaptcha', 'https://www.google.com/recaptcha/api.js', array(), jssupportticket::$_config['productversion'], true );",
            "confidence": "medium",
            "details": {
                "url": "https://www.google.com/recaptcha/api.js",
                "url_host": "www.google.com"
            }
        }
    ],
    "new_finding_count": 3
}
High update_hijack_shape JS Help Desk – AI-Powered Support & Ticketing System Resolved · audit:suspicious 2mo ago
Slug: js-support-ticket
Shape: eval_after_remote_call
File: modules/proinstaller/controller.php
Line: 69
Snippet: $response = curl_exec($ch); ... eval($response);
Remote url: https://setup.joomsky.com/jsticketwp/pro/index.php
Remote url obfuscation: base64-encoded JCONSTINST constant in includes/includer.php:71
Ssl verify: no
Vendor: JoomSky / rabilal
Active installs: 8,000
Current response payload: echo Please download new installer from www.joomsky.com
Audit rationale: Vendor-shipped permanent eval(remote-PHP) primitive: SSL verification disabled, URL base64-encoded in source. Server response is benign today but the architecture is a fully-armed update-hijack vector affecting 8000 installs.
Discovered by: wp beacon hunt-updaters (eval_after_remote_call pattern)
View raw JSON
{
    "slug": "js-support-ticket",
    "shape": "eval_after_remote_call",
    "file": "modules/proinstaller/controller.php",
    "line": 69,
    "snippet": "$response = curl_exec($ch); ... eval($response);",
    "remote_url": "https://setup.joomsky.com/jsticketwp/pro/index.php",
    "remote_url_obfuscation": "base64-encoded JCONSTINST constant in includes/includer.php:71",
    "ssl_verify": false,
    "vendor": "JoomSky / rabilal",
    "active_installs": 8000,
    "current_response_payload": "echo Please download new installer from www.joomsky.com",
    "audit_rationale": "Vendor-shipped permanent eval(remote-PHP) primitive: SSL verification disabled, URL base64-encoded in source. Server response is benign today but the architecture is a fully-armed update-hijack vector affecting 8000 installs.",
    "discovered_by": "wp beacon hunt-updaters (eval_after_remote_call pattern)"
}

Plugins authored (4)

Plugin Version Installs Last updated Status
JS Help Desk – AI-Powered Support & Ticketing System ·js-support-ticket 3.1.3 7k+ 10d ago Active
JS Job Manager ·js-jobs 2.0.2 100 7mo ago Active
WP Learn Manager ·learn-manager 1.1.8 10 4y ago Active
WP Vehicle Manager ·js-vehicle-manager 1.1.8 Closed

SVN commit access (3)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin Primary author Installs Commits First Latest Status
JS Help Desk – AI-Powered Support & Ticketing System rabilal 7k+ 361 11y ago 17d ago Active
JS Job Manager rabilal 100 119 10y ago 7mo ago Active
WP Vehicle Manager rabilal 37 8y ago 4y ago Closed