Magento Security Tool False Positive? prototype.js identified as compromise injection The Next CEO of Stack OverflowMagento Security Scan not able to verify siteMagento Security Scan : some of results are UNKNOWNMagento Security Scanner does not detect SUPEE-8788Magento 2 : Security Check Can Not be Verified!Having issue with Magento 2 security scan. Magento Compromise InjectionGetting errors in Magento 1.9.3 SECURITY SCAN - Total four error critical errorSecurity Scan returning an empty reportSecurity Scan supee-10415 false positive?Is there something mad going on with Magento critical vulnerability scanner

Should I tutor a student who I know has cheated on their homework?

Anatomically Correct Strange Women In Ponds Distributing Swords

Why didn't Khan get resurrected in the Genesis Explosion?

Sending manuscript to multiple publishers

Is it ever safe to open a suspicious html file (e.g. email attachment)?

Is micro rebar a better way to reinforce concrete than rebar?

How did the Bene Gesserit know how to make a Kwisatz Haderach?

I believe this to be a fraud - hired, then asked to cash check and send cash as Bitcoin

What connection does MS Office have to Netscape Navigator?

Is it professional to write unrelated content in an almost-empty email?

Is it possible to search for a directory/file combination?

What is the result of assigning to std::vector<T>::begin()?

Are there any limitations on attacking while grappling?

What flight has the highest ratio of time difference to flight time?

Real integral using residue theorem - why doesn't this work?

Solidity! Invalid implicit conversion from string memory to bytes memory requested

Received an invoice from my ex-employer billing me for training; how to handle?

Several mode to write the symbol of a vector

If Nick Fury and Coulson already knew about aliens (Kree and Skrull) why did they wait until Thor's appearance to start making weapons?

sp_blitzCache results Memory grants

How do I reset passwords on multiple websites easily?

Can we say or write : "No, it'sn't"?

How long to clear the 'suck zone' of a turbofan after start is initiated?

Can I equip Skullclamp on a creature I am sacrificing?



Magento Security Tool False Positive? prototype.js identified as compromise injection



The Next CEO of Stack OverflowMagento Security Scan not able to verify siteMagento Security Scan : some of results are UNKNOWNMagento Security Scanner does not detect SUPEE-8788Magento 2 : Security Check Can Not be Verified!Having issue with Magento 2 security scan. Magento Compromise InjectionGetting errors in Magento 1.9.3 SECURITY SCAN - Total four error critical errorSecurity Scan returning an empty reportSecurity Scan supee-10415 false positive?Is there something mad going on with Magento critical vulnerability scanner










2















Is anyone else having issues with Magento Security Tool Scanner?
https://account.magento.com/scanner/



Your site is compromised with injected JavaScript. (79)
The malicious code signature(s) has been found in resources:



/js/prototype/prototype.js
/js/prototype/validation.js
/js/scriptaculous/controls.js


I am getting this scan failure on 12 different magento sites so it must be a false positive. Yesterday all sites were passing the scanner. Today they all say they are compromised injected with malware.



All warnings on all sites are pointing to prototype.js






security-scan-tool







share|improve this question
























  • Having the same issue.

    – chirag
    Apr 16 '18 at 14:29















2















Is anyone else having issues with Magento Security Tool Scanner?
https://account.magento.com/scanner/



Your site is compromised with injected JavaScript. (79)
The malicious code signature(s) has been found in resources:



/js/prototype/prototype.js
/js/prototype/validation.js
/js/scriptaculous/controls.js


I am getting this scan failure on 12 different magento sites so it must be a false positive. Yesterday all sites were passing the scanner. Today they all say they are compromised injected with malware.



All warnings on all sites are pointing to prototype.js






security-scan-tool







share|improve this question
























  • Having the same issue.

    – chirag
    Apr 16 '18 at 14:29













2












2








2


2






Is anyone else having issues with Magento Security Tool Scanner?
https://account.magento.com/scanner/



Your site is compromised with injected JavaScript. (79)
The malicious code signature(s) has been found in resources:



/js/prototype/prototype.js
/js/prototype/validation.js
/js/scriptaculous/controls.js


I am getting this scan failure on 12 different magento sites so it must be a false positive. Yesterday all sites were passing the scanner. Today they all say they are compromised injected with malware.



All warnings on all sites are pointing to prototype.js






security-scan-tool







share|improve this question
















Is anyone else having issues with Magento Security Tool Scanner?
https://account.magento.com/scanner/



Your site is compromised with injected JavaScript. (79)
The malicious code signature(s) has been found in resources:



/js/prototype/prototype.js
/js/prototype/validation.js
/js/scriptaculous/controls.js


I am getting this scan failure on 12 different magento sites so it must be a false positive. Yesterday all sites were passing the scanner. Today they all say they are compromised injected with malware.



All warnings on all sites are pointing to prototype.js






security-scan-tool




security-scan-tool






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 42 mins ago









Teja Bhagavan Kollepara

3,01241949




3,01241949










asked Apr 3 '18 at 14:31









mpersingermpersinger

111




111












  • Having the same issue.

    – chirag
    Apr 16 '18 at 14:29

















  • Having the same issue.

    – chirag
    Apr 16 '18 at 14:29
















Having the same issue.

– chirag
Apr 16 '18 at 14:29





Having the same issue.

– chirag
Apr 16 '18 at 14:29










1 Answer
1






active

oldest

votes


















0














Run head against the files and tail and see if you have any base64 etc at the top or bottom. Don’t just edit in nano or something. It might be a false positive but most likely will be revealed by head command or tail.






share|improve this answer























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "479"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f220901%2fmagento-security-tool-false-positive-prototype-js-identified-as-compromise-inje%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    Run head against the files and tail and see if you have any base64 etc at the top or bottom. Don’t just edit in nano or something. It might be a false positive but most likely will be revealed by head command or tail.






    share|improve this answer



























      0














      Run head against the files and tail and see if you have any base64 etc at the top or bottom. Don’t just edit in nano or something. It might be a false positive but most likely will be revealed by head command or tail.






      share|improve this answer

























        0












        0








        0







        Run head against the files and tail and see if you have any base64 etc at the top or bottom. Don’t just edit in nano or something. It might be a false positive but most likely will be revealed by head command or tail.






        share|improve this answer













        Run head against the files and tail and see if you have any base64 etc at the top or bottom. Don’t just edit in nano or something. It might be a false positive but most likely will be revealed by head command or tail.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Apr 3 '18 at 20:04









        Timothy FrewTimothy Frew

        31929




        31929



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Magento Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f220901%2fmagento-security-tool-false-positive-prototype-js-identified-as-compromise-inje%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Can not update quote_id field of “quote_item” table magento 2Magento 2.1 - We can't remove the item. (Shopping Cart doesnt allow us to remove items before becomes empty)Add value for custom quote item attribute using REST apiREST API endpoint v1/carts/cartId/items always returns error messageCorrect way to save entries to databaseHow to remove all associated quote objects of a customer completelyMagento 2 - Save value from custom input field to quote_itemGet quote_item data using quote id and product id filter in Magento 2How to set additional data to quote_item table from controller in Magento 2?What is the purpose of additional_data column in quote_item table in magento2Set Custom Price to Quote item magento2 from controller

            Image
            What's the in-universe reasoning behind sorcerers needing material components? What killed these X2 caps? Why is consensus so controversial in Britain? CAST throwing error when run in stored procedure but not when run as raw query Assassin's bullet with mercury Why do bosons tend to occupy the same state? Ambiguity in the definition of entropy What does the expression "A Mann!" means Is it logically or scientifically possible to artificially send energy to the body? Do scales need to be in alphabetical order? Is there an expression that means doing something right before you will need it rather than doing it in case you might need it? Is it possible to create a QR code using text? Should I tell management that I intend to leave due to bad software development practices? Why no variance term in Bayesian logistic regression? How badly should I try to prevent a user from XSSing themselves? I would say: "You are another teacher", bu
            Read more

            Magento 2 disable Secret Key on URL's from terminal The Next CEO of Stack OverflowMagento 2 Shortcut/GUI tool to perform commandline tasks for windowsIn menu add configuration linkMagento oAuth : Generating access token and access secretMagento 2 security key issue in Third-Party API redirect URIPublic actions in admin controllersHow to Disable Cache in Custom WidgetURL Key not changing in Magento 2Product URL Key gets deleted when importing custom options - Magento 2Problem with reindex terminalMagento 2 - bin/magento Commands not working in Cpanel Terminal

            Image
            How to travel Japan while expressing milk? Is it correct to say moon starry nights? What exactly is ineptocracy? Is it a bad idea to plug the other end of ESD strap to wall ground? Is it OK to decorate a log book cover? logical reads on global temp table, but not on session-level temp table What did the word "leisure" mean in late 18th Century usage? How can I separate the number from the unit in argument? Is it possible to make a 9x9 table fit within the default margins? Can a PhD from a non-TU9 German university become a professor in a TU9 university? A hang glider, sudden unexpected lift to 25,000 feet altitude, what could do this? Does int main() need a declaration on C++? Is there a rule of thumb for determining the amount one should accept for a settlement offer? Why did early computer designers eschew integers? Early programmable calculators with RS-232 What does this strange code stamp on my passport mean? Why does the freezing point ma
            Read more

            Aasi (pallopeli) Navigointivalikko

            PallopelitLeikit pallolla Aasi on yksinkertainen pallolla pelattava pallopeli, joka toimii lasten ja nuorten ajanvietteenä. Peliin tarvitaan pallo ja kolme pelaajaa. Kaksi pelaajaa ovat kaukana toisistaan (noin 10m) ja kolmas pelaaja on heidän keskellään. Kaukaisimmat pelaajat heittelevät palloa keskenään, ja keskimmäinen pelaaja, aasi, yrittää siepata pallon itselleen. Jos aasi saa pallon kiinni, hän pääsee sen pelaajan paikalle joka heitti pallon. Tämä peli esiintyy myös nimillä Piimä , Mummonkiusaus ja Kala . lähde? Aasi on myös nimitys toiselle pallopelille. Peliin tarvitaan vähintään kaksi pelaajaa sekä pallo. Pelaajat päättävät järjestyksen, jossa pelaajat potkaisevat palloa jotain päin (esim. seinää). Kukin pelaaja potkaisee vuorollaan palloa, ja häviäjä on se, joka saa ensin sanan AASI. Kirjaimia saa sillä, että osuu palloon potkaisun jälkeen. Esim. Ville, Heikki ja Kalle pelaavat aasia. Ville potkaisee palloa, ja sitten on Heikin vuoro, mutta Ville osuu palloon ennen kuin
            Read more