beez: dangerous template for joomla ?
Moderator: General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
-
- Joomla! Fledgling
- Posts: 4
- Joined: Tue Apr 19, 2011 6:09 am
beez: dangerous template for joomla ?
I often observe the <url of hackers listing>. There, a hacker named <someone> always attacks the Joomla Beez template. Are developers already anticipating a Joomla Beez security hole?
Last edited by mandville on Sun Jun 12, 2011 12:00 am, edited 1 time in total.
Reason: removed hacker kudos, broke site link
- RussW
- Joomla! Exemplar
- Posts: 9347
- Joined: Sun Oct 22, 2006 4:42 am
- Location: Sunshine Coast, Queensland, Australia
- Contact:
Re: beez: dangerous template for joomla ?
it just happens that these sort of people know that this template is present by default, so it is a 'known' starting point to search for permissions or extension vulnerabilities, nothing more than that.
Joomla! on the fabulous Sunshine Coast...
hotmango, web & print http://www.hotmango.me/
The Styleguyz https://www.thestyleguyz.com/
-
- Joomla! Intern
- Posts: 78
- Joined: Fri Oct 23, 2009 2:42 pm
Re: beez: dangerous template for joomla ?
RussW wrote: it just happens that these sort of people know that this template is present by default, so it is a 'known' starting point to search for permissions or extension vulnerabilities, nothing more than that.
Even if it isn't set as the default template, are hackers able to use that to search for a site's vulnerabilities?
- Per Yngve Berg
- Joomla! Master
- Posts: 30933
- Joined: Mon Oct 27, 2008 9:27 pm
- Location: Romerike, Norway
Re: beez: dangerous template for joomla ?
The template can always be viewed by adding "&template=Beez" to the url
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: beez: dangerous template for joomla ?
ghandil wrote: Even if it isn't set as the default template, are hackers able to use that to search for a site's vulnerabilities?
they use it to "fingerprint" a joomla site
if you don't use a template, delete it
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
-
- Joomla! Intern
- Posts: 78
- Joined: Fri Oct 23, 2009 2:42 pm
Re: beez: dangerous template for joomla ?
ghandil wrote: Even if it isn't set as the default template, are hackers able to use that to search for a site's vulnerabilities?
mandville wrote: they use it to "fingerprint" a joomla site
if you don't use a template, delete it
What do you mean they "fingerprint" a joomla site exactly? Does it mean they may understand that the site has been built by joomla? If so, there are many easier ways to know this, aren't there?
Also, most of the hack files on my site are located in the templates/bezz folder and its subfolders. The topic is here, and you replied to it too, mandville: Joomla Version 1.5.15 site was hacked; source recognition
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: beez: dangerous template for joomla ?
ghandil wrote: .
your issue is unrelated to this topic.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
-
- Joomla! Intern
- Posts: 78
- Joined: Fri Oct 23, 2009 2:42 pm
Re: beez: dangerous template for joomla ?
mandville wrote: your issue is unrelated to this topic.
Thank you, mandville.
But would you mind explaining "fingerprint" a joomla site, please? I think it's related to this topic.
ghandil wrote: What do you mean they "fingerprint" a joomla site exactly? Does it mean they may understand that the site has been built by joomla? If so, there are many easier ways to know this, aren't there?
Also, I thought my site was maybe hacked by fingerprinting the joomla site first and then other actions. That's why I mentioned its topic here. Excuse me.
Thanks in advance
- RussW
- Joomla! Exemplar
- Posts: 9347
- Joined: Sun Oct 22, 2006 4:42 am
- Location: Sunshine Coast, Queensland, Australia
- Contact:
Re: beez: dangerous template for joomla ?
Most commonly, the template folder needs to be writable to install templates and update them. On poorly configured servers and sites, this might mean the user has set the permissions to 777, which is extremely dangerous and exposes you to compromise quite readily. So targeting the templates folder, with a known default template, is quite a handy way of determining what's installed, at what version and to some degree, maybe even how to access. OK?
Joomla! on the fabulous Sunshine Coast...
hotmango, web & print http://www.hotmango.me/
The Styleguyz https://www.thestyleguyz.com/
- brian
- Joomla! Master
- Posts: 12787
- Joined: Fri Aug 12, 2005 7:19 am
- Location: Leeds, UK
- Contact:
Re: beez: dangerous template for joomla ?
fingerprint - a telltale sign identifying the site as running joomla. Joomla, like ALL cms, has many fingerprints
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
-
- Joomla! Intern
- Posts: 78
- Joined: Fri Oct 23, 2009 2:42 pm
Re: beez: dangerous template for joomla ?
Thanks dear RussW and dear brian
RussW wrote: with a known default template, is quite a handy way of determining what's installed
What kind of stuff could they determine with this method? Just joomla or even its extensions? How?
P.S.: Excuse me for the many questions, but I really want to learn something.
Thank you a lot.
- brian
- Joomla! Master
- Posts: 12787
- Joined: Fri Aug 12, 2005 7:19 am
- Location: Leeds, UK
- Contact:
Re: beez: dangerous template for joomla ?
If you know what you are doing then you can determine the exact version of joomla that is installed and possibly the extensions that are installed and their versions.
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
- RussW
- Joomla! Exemplar
- Posts: 9347
- Joined: Sun Oct 22, 2006 4:42 am
- Location: Sunshine Coast, Queensland, Australia
- Contact:
Re: beez: dangerous template for joomla ?
Unfortunately, we don't openly discuss exploit types or details, so you will need to do some research yourself for this type of information. But think a little broader. If for the stated reasons, of misconfiguration of permissions because a poorly configured server requires the use of 777 for a folder to be writable to the user, then access is granted to many other people as well as the owner, hence there is a vulnerability caused, potentially allowing for the upload of a malicious script, gaining access to the complete hosting account, if not (considering the server is already determined to be poorly configured) other people's accounts on the same machine, MySQL and worse, the server itself.
Joomla! on the fabulous Sunshine Coast...
hotmango, web & print http://www.hotmango.me/
The Styleguyz https://www.thestyleguyz.com/
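The two checks raised in this thread (world-writable permissions such as 777 under the templates folder, and templates that are installed but not used), as an added shell example that is not part of the original posts. The function names and the caller-supplied "in use" list are assumptions for illustration; include `system` in that list, since Joomla itself uses that folder.

```shell
#!/bin/sh
# Added example: audit a Joomla tree for two conditions discussed in the thread.
#   1. entries under templates/ that "other" can write to (e.g. mode 777)
#   2. template folders that are installed but not in use
# Usage: audit_templates /path/to/joomla "mytheme system"

# Print every file or directory under ROOT/templates with the other-write bit set.
world_writable() {
    find "$1/templates" \( -type f -o -type d \) -perm -0002 -print 2>/dev/null | sort
}

# Print template folder names under ROOT/templates that are absent from the
# space-separated list of templates the site owner says are in use.
unused_templates() {
    tpl_root=$1
    keep=" $2 "
    for dir in "$tpl_root"/templates/*/; do
        [ -d "$dir" ] || continue
        name=$(basename "$dir")
        case "$keep" in
            *" $name "*) ;;                 # listed as in use: skip
            *) printf '%s\n' "$name" ;;     # installed but unlisted: report
        esac
    done
}

# Run both checks; return 0 only when neither reports anything.
audit_templates() {
    status=0
    ww=$(world_writable "$1")
    if [ -n "$ww" ]; then
        printf 'World-writable, remove write access for other:\n%s\n' "$ww"
        status=1
    fi
    unused=$(unused_templates "$1" "$2")
    if [ -n "$unused" ]; then
        printf 'Installed but not in use, candidates for deletion:\n%s\n' "$unused"
        status=1
    fi
    return $status
}
```

A non-zero return from `audit_templates` means at least one finding was printed, so the function can gate a deployment or cron check.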