Change font size Change Width
Advanced Search
 

Joomla! Discussion Forums



It is currently Thu Nov 26, 2009 10:58 pm (All times are UTC )

 

Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x

Forum rules

Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 
  Print view Previous topic | Next topic 
Author Message
NooZes
 Post subject: 1.0.9 with exploits?
Posted: Mon Jun 19, 2006 1:47 pm 
Joomla! Fledgling
Joomla! Fledgling
Offline

Joined: Tue Jun 13, 2006 5:55 pm
Posts: 2
Hi.
I've been atacked last night, my website has been defaced.
They have changed the configuration.php, index.php and /administrator/index.php
I've the last version, 1.0.9., updated last week.

The message on the website was ' Redworm was here'.

On the admin page has '

Redworm Was Here



Im Maniac And Turkish HeykýR Layn!

Thanks To : ZeberuS , PowerCobrA, S0ntang0

Contract Mail : Redh3ll@Yahoo.Com.Tr

Warning: main(/includes/version.php): failed to open stream: No such file or directory in /home/aeupidh/public_html/portal/includes/joomla.php on line 71

Fatal error: main(): Failed opening required '/includes/version.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/aeupidh/public_html/portal/includes/joomla.php on line 71

'

I've changed some files and now it's all kewl...

Best regards...
Top
   
 
Tonie
 Post subject: Re: 1.0.9 with exploits?
Posted: Mon Jun 19, 2006 1:50 pm 
User avatar
Joomla! Master
Joomla! Master
Offline

Joined: Thu Aug 18, 2005 7:13 am
Posts: 13258
There are no know exploits for 1.0.9, but there is one under investigation. Without the log files, it will be impossible to track the culprit of the defacement. This is also a good list: http://forum.joomla.org/index.php/topic,54006.0.html

_________________
Antonie de Wilde - Forum admin
All Joomla! release dates and days between releases: http://jfoobar.org/blog/189-days-betwee ... a-releases.test

Top
   
 
AMU
 Post subject: Re: 1.0.9 with exploits?
Posted: Mon Jun 19, 2006 1:58 pm 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast
Offline

Joined: Wed Aug 17, 2005 10:36 pm
Posts: 143
Location: Austria / Wien
hi!

look at this!

Quote:
The vulnerability has been confirmed in version 1.0.9. Other versions may also be affected.


http://secunia.com/advisories/20746

the other link to Mambo <= 4.6rc1 sql injection Jun 17 2006 12:32PM  / exploit is not the same advisory, but near the same exploit

Quote:
/*
  explaination:

  same of http://retrogod.altervista.org/mambo_46rc1_sql.html
  with some modifications to work against Joomla
  and with an always true statement, to avoid to flood admin of e-mail notifications
  about submissions (they simply do not succeed but injection works aswell)
*/



bye - it´s time for joomla 1.0.10 ;-)

lg. manfred

_________________
* AT´s http://www.joomla.at - official Joomla/Mambo supported Website
    * http://www.netwatcher.at - IT Magazin - Radio Netwatcher on O94.at and freirad.at

Last edited by AMU on Mon Jun 19, 2006 2:10 pm, edited 1 time in total.

Top
  E-mail  
 
datto510
 Post subject: Re: 1.0.9 with exploits?
Posted: Sat Jul 29, 2006 7:53 am 
Joomla! Apprentice
Joomla! Apprentice
Offline

Joined: Wed Apr 26, 2006 10:48 pm
Posts: 23
a friend had a web site hacked in this manner yesterday, very annoying  >:(
Top
  E-mail  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 

Quick reply

 


Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x

Who is online

Users browsing this forum: ArtGoddess and 7 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
 
 
 
 
 

© 2005-2009 Open Source Matters, Inc. All rights reserved. Joomla hosting by Rochen Ltd.