Site hacking
Moderator: imanickam
- alamgir99
- Joomla! Explorer
- Posts: 324
- Joined: Sat Aug 20, 2005 1:44 pm
- Location: Melbourne, Australia
Site hacking
Vish
I took it seriously and so am posting it here for your immediate attention.
My own site was hacked last night in front of me!
They first changed the admin password and did a lot more.
I have a weekly backup but I am not an expert in restoration, so I am still waiting for a friend's hand.
Please take notice.
Also, I sent you one or two PMs a long time ago, no reply yet.
alamgir
- romit
- Joomla! Explorer
- Posts: 413
- Joined: Tue Nov 22, 2005 5:39 pm
- Location: Calcutta - India
- Contact:
Re: Site hacking
I think you should make a post on the security forums about this..
Were you running the latest version of Joomla, i.e. 1.0.10?
Was your configuration.php writable or unwritable?
Were all your extra extensions/components/modules updated to the latest version?
Do you have access to the log files of the server?
Then it can be found out how they hacked the site..
On a side note: Most of the Joomla hackings occur due to weaknesses with the server software..
Tell your host about this.. see what they have to say.
Last edited by romit on Tue Jul 11, 2006 7:05 am, edited 1 time in total.
Romit Chatterjee
× Joomla! Web Developer - http://www.RomitChat.com
× IndicJoomla! Translation Coordinator - http://www.JoomlaIndia.org/bengali/
- alamgir99
- Joomla! Explorer
- Posts: 324
- Joined: Sat Aug 20, 2005 1:44 pm
- Location: Melbourne, Australia
Re: Site hacking
romit
I read some posts about hacked Joomla sites on this forum. There are lots of them.
I had Joomla 1.0.9.
Who has the time to read the logs! They are just IPs.
The Joomla team has been swamped with logs of hacked sites.
I take it it was my fault, I used to use a single password on all accounts, from forum to my own
alamgir
- Vish
- Joomla! Explorer
- Posts: 382
- Joined: Mon Aug 22, 2005 5:43 pm
- Contact:
Re: Site hacking
I always fail to understand the hackers' psyche, what do they accomplish?
But anyways, I got this email from phil-taylor last night
You were running 1.0.9, that was one pitfall, but now, make sure you are not running the other two components mentioned....
Dear Joomla friends,
It is not often I write a personal plea in an email, but if I could give you
guys one bit of advice for today it would be this.
IF YOU ARE RUNNING ANY OF THE FOLLOWING JOOMLA COMPONENTS THEN PLEASE
CONTACT ME ASAP! (Or research using the links at the bottom of this letter)
* Simpleboard
* ExtCalendar
* Any version of Joomla less than version 1.0.10
## IF YOU ARE RUNNING THESE YOUR WHOLE SITE CAN BE HACKED! ##
(NOTE: None of these products are created by Phil Taylor, there are no known
security issues of this type in Phil Taylor components)
Today I have had the enduring task of fixing five hacked websites, all the
hacks were using well (now) known security holes (Which are just plain bad
programming on the part of the developers) in the above two Joomla
Components. Also running any version of Joomla less than the latest v1.0.10
version can also allow other attack attempts to be made.
If you need assistance in upgrading to Joomla 1.0.10 we would be happy to
help - we do loads of these a week!
Else, if you are running SimpleBoard or ExtCalendar then you should
remove/replace/fix/patch the files to stop hackers gaining access to your
server.
Here are some links to help you research:
I upgraded to 1.0.10 in the weekend next to its release....all of my sites...
I did not get any PMs from you !!! What were they about?
Last edited by Vish on Tue Jul 11, 2006 4:03 pm, edited 1 time in total.
--Vish "Still Learning"
- alamgir99
- Joomla! Explorer
- Posts: 324
- Joined: Sat Aug 20, 2005 1:44 pm
- Location: Melbourne, Australia
Re: Site hacking
Vish
My thinking is different. It does NOT really matter which version you use. They are human products and so likely to have errors which are exploited by others. What you would have said if this has happened before the release of 1.0.10? It's just consolation. "Update to the latest versions" is NOT a good suggestion, that you can follow. How would you update, PHP, MySQL and other server side software? You live on mercy of hosting provider.
I might share this piece of text:
I read it somewhere in
Linux is insecure. Open source is insecure. Windows is insecure. All software is insecure. Deal with it. People keep having this delusion that security is a product. That, if you just buy some magic box, you'll have a program or an operating system that's as secure as Fort Knox. It doesn't work that way. Security is a process, not a product. Some systems are more secure than others. Linux, as anyone who pays any attention to security news knows, is a lot more secure than Windows. If we were talking cars, Linux would be a Volvo S80 and Windows would be a Ford "Hit here to blow up" Pinto. But, any car can be hit, and any car can be hit hard enough to destroy it. It's all about the odds and driving safely.
https://www.hackinthebox.org/
thanks.
alamgir
-
- Joomla! Intern
- Posts: 77
- Joined: Mon Feb 25, 2008 8:08 am
Re: Site hacking
Hi, I wonder if anyone can help me.
Recently I set up a website and forum for a guy who does designing. I used Simpleboard forum. What happened was... the index.html file was changed to some text saying in BIG and bold letters.. this site has been hacked by **** and ****.
However the index.php files and other files were still intact and nothing was affected.
But because my link from the website only gave the / and not the specific file "index.php", it defaulted to index.html, so that was seen.
I AM WONDERING, AFTER READING THIS THREAD, IS IT ADVISABLE TO USE SIMPLEBOARDS AT ALL?? Is that the cause of the hacking?
Rheo
- Vish
- Joomla! Explorer
- Posts: 382
- Joined: Mon Aug 22, 2005 5:43 pm
- Contact:
Re: Site hacking
rheo99
I would recommend that you post this in the security forums. They will be in a better position to help you...
--Vish "Still Learning"
-
- Joomla! Intern
- Posts: 77
- Joined: Mon Feb 25, 2008 8:08 am
Re: Site hacking
ok can thank you
-
- Joomla! Fledgling
- Posts: 2
- Joined: Fri Nov 04, 2011 11:00 am
Re: Site hacking
I like this thread. Thanks