The Joomla! Forum ™

Download

Demo


Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x

Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  Page 1 of 1
  [ 7 posts ] 
  Print view Previous topic | Next topic 
Author Message
squig
PostPosted: Fri Nov 02, 2007 7:03 pm 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Fri Sep 30, 2005 5:27 pm
Posts: 123
Another [RussW: group removed, irrelevant] tried/hacked me (I don't know which yet) about 1 hour ago.

In my statistics there are links to a component which I don't even have installed called mambatstaff.
bsq stats lists the hacker  [RussW: IP and Country removed, irrelevant].
I looked up mambatstaff and found it is a known vulnerability.

It is obviously an autogenerated hack
system they have setup and they included a reference back to some kind of
[RussW: site removed, irrelevant] site, and when I tried to do a trace route or whois to the domain
nothing could be found which I have no idea how they could do.

I am using 1.0.13
So be warned, and if you see the same thing happened today in your
stats report it to the hacker's host, maybe they can find him. I already
reported it with the links to what appeared to be the hackers direct isp.


Last edited by RussW on Sun Nov 04, 2007 12:13 am, edited 1 time in total.

Top
 Profile  
 
emagin
PostPosted: Fri Nov 02, 2007 7:29 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Sep 11, 2005 7:46 pm
Posts: 136
Location: san francisco, ca usa
What are your settings for:
.htaccess
php.ini

Are you hosted or do you run your own box?
Did you apply all the security settings recommended in this forum? I can provide links
Top
 Profile  
 
squig
PostPosted: Fri Nov 02, 2007 8:27 pm 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Fri Sep 30, 2005 5:27 pm
Posts: 123
it is shared hosting at micfo (which i entirely do NOT recommend to anyone - I am leaving it once my paid time is over).

I do not have the capability to figure out
all of the recommended joomla security hacks, if it doesn't come default
in joomla or it can't be understood by a useless idiot like
me then I am not going to waste years in trying to figure out
how to do it, and unfortunately I have no cash to hire anyone
to do it for me as I don't make any money on any of my sites.
All this stuff is just too complicated for me, I just posted this info
about what happened to my site thinking maybe it might help one person out there somewhere
from being hacked, because I don't even have the capability to figure out more
then 20% probably of how to tweak joomla and php and all
those tech term things but maybe someone else does and
can protect themselves better then I could.

Thanks for responding but unfortunately I have seen all the links
and they are beyond my capability or patience to figure out how to implement
beyond a few of the basic things.

Have a good day.
Top
 Profile  
 
infograf768
PostPosted: Sat Nov 03, 2007 10:38 am 
User avatar
Joomla! Master
Joomla! Master

Joined: Fri Aug 12, 2005 3:47 pm
Posts: 16630
Location: **Translation Matters**
Unhappily, the infos you provide are useless to anyone.
Origin of crackers or their IP or what they managed to display on your site would not solve the issue.
The fact that you saw in your stats something about mambatstaff neither if you really do not have any trace of that extension in your install.

Joomla is one thing, your server and settings are another one.
If you had no vulnerable extensions installed, if all your files and folders were CHMODED as should, if you had enabled the .htaccess file, if Register Globals Emulation was Off, then the only remaining reason for the hack would be your server.

_________________
Jean-Marie Simonet / infograf · http://www.info-graf.fr
Multilanguage in 2.5: http://help.joomla.org/files/EN-GB_multilang_tutorial.pdf
---------------------------------
Joomla Translation Coordination Team • Joomla! Production Working Group
Top
 Profile  
 
RussW
PostPosted: Sun Nov 04, 2007 12:16 am 
User avatar
Joomla! Exemplar
Joomla! Exemplar

Joined: Sun Oct 22, 2006 4:42 am
Posts: 9352
Location: Sunshine Coast, Queensland, Australia
If you have no interest or inclination to learn how to secure and support your own Joomla! instance, I am afraid there is little to nothing that anyone here can to for you either.

Good luck in the future, I hope that vulnerabilities are not found within your site or server in future.

_________________
Joomla! on the fabulous Sunshine Coast...
hotmango, web & print http://www.hotmango.me/
Network SMARTS, Systems Engineering http://www.networksmarts.com.au/
Top
 Profile  
 
grayz
PostPosted: Sun Dec 04, 2011 3:31 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Tue Dec 12, 2006 8:37 pm
Posts: 119
This is an old thread, but today somebody tried to attack my site too through
com_thopper/inc/urgency_type.php
com_mambatstaff/mambatstaff.php
com_ponygallery/admin.ponygallery.html.php
administrator/components/com_jcs/view/register.php

All these add-ons seems to be rather old and not supported currently.

_________________
www.justPHP.net - HACKS for Hot Property, Custom 404 Error Pages, Templates for Joomla etc.
Developing: www.zerno.org.ua
Top
 Profile  
 
grayz
PostPosted: Mon Dec 05, 2011 9:54 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Tue Dec 12, 2006 8:37 pm
Posts: 119
So, the attacks continued. I tied a little bit and tried JWsec plugin, which can block specified IPs. As by now it helped. :)
Also, I found the hoster and wrote a claim. No reply by now, but will see.

_________________
www.justPHP.net - HACKS for Hot Property, Custom 404 Error Pages, Templates for Joomla etc.
Developing: www.zerno.org.ua
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 7 posts ] 


Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x

Who is online

Users browsing this forum: No registered users and 6 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group