Change font size Change Width
Advanced Search
 

Joomla! Discussion Forums



It is currently Tue Nov 24, 2009 10:27 pm (All times are UTC )

 

Board index » Joomla! 1.5 - Ask Support Questions Here » Security

Forum rules

Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 
  Print view Previous topic | Next topic 
Author Message
rschneid
Posted: Thu Nov 05, 2009 4:30 pm 
Joomla! Fledgling
Joomla! Fledgling
Offline

Joined: Wed Feb 06, 2008 11:34 am
Posts: 1
Hi,
I just found the following version of the base64_decode/gzinflate hack.

They used the form:
"$v1 = strrev("edoced_46esab"); $v2 = strrev("etalfnizg"); eval ...."

So in case you think your site got hacked:
Don't "grep" only for "base64_decode" and/or "gzinflate";
also scan for "edoced_46esab" and "etalfnizg".

Hope this helps.
Top
   
 
panosgr
Posted: Thu Nov 05, 2009 5:48 pm 
Joomla! Intern
Joomla! Intern
Offline

Joined: Fri Sep 28, 2007 8:40 pm
Posts: 96
Yes that is correct and that is not the only version we have!
There some versions thats are complete masked, no "eval", no "base64" at all
Top
  E-mail  
 
fw116
Posted: Thu Nov 05, 2009 7:05 pm 
User avatar
Joomla! Ace
Joomla! Ace
Offline

Joined: Tue Sep 06, 2005 11:18 am
Posts: 1119
Location: Germany
old, very OLD..

just check for iframe injections ...

_________________
MCITP - Microsoft Certified IT Professional
CCNA - Cisco Certfied Network Administrator
LPI - Linux Professional
PN for Online Transcript ID Check
http://www.mindset.de

Top
  E-mail  
 
jeffchannell
Posted: Mon Nov 09, 2009 4:05 pm 
User avatar
Joomla! Ace
Joomla! Ace
Offline

Joined: Tue Jun 09, 2009 2:21 am
Posts: 1263
Location: WV
Surely you can see that was likely randomly generated, right?

_________________
http://jeffchannell.com - Joomla Extensions & Web Development
Unsolicited private messages/emails asking for help = you wish to hire me to fix your problem.
καλλιστι

Top
   
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 

Quick reply

 


Board index » Joomla! 1.5 - Ask Support Questions Here » Security

Who is online

Users browsing this forum: ewel, jengels, PhilD and 29 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
 
 
 
 
 

© 2005-2009 Open Source Matters, Inc. All rights reserved. Joomla hosting by Rochen Ltd.