Iframe virus- Internet Explorer Issue
Moderators: mandville, General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Iframe virus- Internet Explorer Issue
My website content is not visible in IE.
However it is properly visible in other browsers.
It is tallyway .com.
Pl check it out & help me.
I m without a solution for this since a long time. It is urgent.
However it is properly visible in other browsers.
It is tallyway .com.
Pl check it out & help me.
I m without a solution for this since a long time. It is urgent.
-
- Joomla! Intern
- Posts: 78
- Joined: Sat Jun 04, 2011 6:41 pm
Re: Internet Explorer Issue
Warning: Do not visit the site. There is a trojan iframe in the website.
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Re: Internet Explorer Issue
There is no trojan in the site.
Can you help me out if I post the screen shots.
Have attached one.
Can you help me out if I post the screen shots.
Have attached one.
You do not have the required permissions to view the files attached to this post.
-
- Joomla! Intern
- Posts: 78
- Joined: Sat Jun 04, 2011 6:41 pm
Re: Internet Explorer Issue
Clean your website, then we'll talk.
http://www.urlvoid.com/scan/tmjablkj.co.tv
http://vscan.novirusthanks.org/analysis ... 3YXktY29t/
http://www.urlvoid.com/scan/tmjablkj.co.tv
http://vscan.novirusthanks.org/analysis ... 3YXktY29t/
You do not have the required permissions to view the files attached to this post.
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Re: Internet Explorer Issue
Pl help me in removing the virus from my website.
I m a newbie in web development.
-
I m a newbie in web development.
-
-
- Joomla! Intern
- Posts: 78
- Joined: Sat Jun 04, 2011 6:41 pm
Re: Internet Explorer Issue
I'll try to help as best as I can.
Have you added any articles yet or noticed any suspicious code on your site?
Have you added any articles yet or noticed any suspicious code on your site?
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
-
- Joomla! Intern
- Posts: 78
- Joined: Sat Jun 04, 2011 6:41 pm
Re: Internet Explorer Issue
Where did you download the template?
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Re: Internet Explorer Issue
It is a default template
-
- Joomla! Intern
- Posts: 78
- Joined: Sat Jun 04, 2011 6:41 pm
Re: Internet Explorer Issue
Any new extensions?
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Re: Internet Explorer Issue
I have a plugin called chronoforms, & 2 templates Technology act name jt002_j16, & Software jt004_j16 which I have downloaded.
However the 2 templates do not apply or can be deleted.
However the 2 templates do not apply or can be deleted.
-
- Joomla! Intern
- Posts: 78
- Joined: Sat Jun 04, 2011 6:41 pm
Re: Internet Explorer Issue
Have you confirmed that everything you just listed came from a trusted source?
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Re: Internet Explorer Issue
How do I know the source is trusted ??
-
- Joomla! Intern
- Posts: 78
- Joined: Sat Jun 04, 2011 6:41 pm
Re: Internet Explorer Issue
List all the outside extensions/templates that you have installed + where you got them. I'll check them out.
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Re: Internet Explorer Issue
Plugin: Chronoforms http://extensions.joomla.org/extensions ... forms/1508
Templates: Software http://joomlathemes.co/1-6-templates/40-software
Technology http://joomlathemes.co/1-6-templates/38-technology
Templates: Software http://joomlathemes.co/1-6-templates/40-software
Technology http://joomlathemes.co/1-6-templates/38-technology
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Re: Security Report
[quote="JTS-post Problem Description"]Suspected Iframe Trojan visible by viewing first line of code @ tallyway.com[/quote]
JTS-post Diagnostic Information wrote:Joomla! Version: Joomla! 1.6.4 Stable [ Onward ] 23-Jun-2011 23:00 GMT
configuration.php: Writable (Mode: 777 ) | Architecture/Platform: Linux 2.6.9-89.0.18.ELsmp ( x86_64) | Web Server: Apache | PHP Version: 5.2.9
PHP Requirements: register_globals: Disabled | magic_quotes_gpc: Disabled | safe_mode: Disabled | MySQL Support: Yes | XML Support: Yes | zlib Support: Yes
mbstring Support (1.5 or above): Yes | iconv Support (1.5 or above): Yes | save.session_path: Writable | Max. Execution Time: 240 seconds ( now, but user had to increase from 30 ) | File Uploads: Enabled
MySQL Version: ( )
JTS-post Extended Information wrote:SEF: Enabled (without ReWrite) | Legacy Mode: N/A | FTP Layer: N/A | htaccess: Not Implemented
PHP/suExec: User and Web Server accounts are the same. (PHP/suExec probably installed)
PHP Environment: API: cgi-fcgi | MySQLi: Yes | Max. Memory: 96M ( now, but user had to increase from 24M ) | Max. Upload Size: 20M | Max. Post Size: 22M | Max. Input Time: 60 | Zend Version: 2.2.0
Disabled Functions:
MySQL Client: 4.1.22 ( )
Last edited by ooffick on Tue Jul 26, 2011 4:57 pm, edited 1 time in total.
Reason: Mod Note: Duplicate post deleted, please do not post your question multiple times..
Reason: Mod Note: Duplicate post deleted, please do not post your question multiple times..
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: Security Report
| htaccess: Not Implemented ****
[ ] Ensure you have the latest version of Joomla. Delete all files in your Joomla installation. Replace the deleted files with fresh copies of a current full version of Joomla, and fresh copies of extensions and templates used. Only by replacing all files in the installation (including extensions and templates) can you be sure to remove the backdoors inserted and hidden in files and directories
[ ] Review Vulnerable Extensions List
[ ] Review and action Security Checklist checklist 7 to make sure you've gone through all of the steps.
[ ] Scan all machines with FTP, Joomla super admin, and Joomla admin access for malware, virus, trojans, spyware, etc.
[ ] Change all passwords and if possible user names for the website host control panel and your Joomla site.
[ ] Use proper permissions on files and directories. They should never be 777, but ideal is 644 and 755
[ ] Check your htaccess for for any odd code (i.e. code which is not in the standard htaccess supplied as part of the Joomla installation).
[ ] Check the crontab or Task Scheduler for unexpected jobs/tasks.
[ ] Ensure you do not have anonymous ftp enabled
Note: The forum post tool will work with J1.6.x
[ ] Ensure you have the latest version of Joomla. Delete all files in your Joomla installation. Replace the deleted files with fresh copies of a current full version of Joomla, and fresh copies of extensions and templates used. Only by replacing all files in the installation (including extensions and templates) can you be sure to remove the backdoors inserted and hidden in files and directories
[ ] Review Vulnerable Extensions List
[ ] Review and action Security Checklist checklist 7 to make sure you've gone through all of the steps.
[ ] Scan all machines with FTP, Joomla super admin, and Joomla admin access for malware, virus, trojans, spyware, etc.
[ ] Change all passwords and if possible user names for the website host control panel and your Joomla site.
[ ] Use proper permissions on files and directories. They should never be 777, but ideal is 644 and 755
[ ] Check your htaccess for for any odd code (i.e. code which is not in the standard htaccess supplied as part of the Joomla installation).
[ ] Check the crontab or Task Scheduler for unexpected jobs/tasks.
[ ] Ensure you do not have anonymous ftp enabled
Note: The forum post tool will work with J1.6.x
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Re: Security Report
[quote="JTS-post Problem Description"]After renaming htaccess.txt to .htaccess & changing permissions of configuration.txt to 755[/quote]
JTS-post Diagnostic Information wrote:Joomla! Version: Joomla! 1.6.4 Stable [ Onward ] 23-Jun-2011 23:00 GMT
configuration.php: Writable (Mode: 755 ) | Architecture/Platform: Linux 2.6.9-89.0.18.ELsmp ( x86_64) | Web Server: Apache | PHP Version: 5.2.9
PHP Requirements: register_globals: Disabled | magic_quotes_gpc: Disabled | safe_mode: Disabled | MySQL Support: Yes | XML Support: Yes | zlib Support: Yes
mbstring Support (1.5 or above): Yes | iconv Support (1.5 or above): Yes | save.session_path: Writable | Max. Execution Time: 240 seconds ( now, but user had to increase from 30 ) | File Uploads: Enabled
MySQL Version: ( )
JTS-post Extended Information wrote:SEF: Enabled (without ReWrite) | Legacy Mode: N/A | FTP Layer: N/A | htaccess: Implemented
PHP/suExec: User and Web Server accounts are the same. (PHP/suExec probably installed)
PHP Environment: API: cgi-fcgi | MySQLi: Yes | Max. Memory: 96M ( now, but user had to increase from 24M ) | Max. Upload Size: 20M | Max. Post Size: 22M | Max. Input Time: 60 | Zend Version: 2.2.0
Disabled Functions:
MySQL Client: 4.1.22 ( )
- leolam
- Joomla! Master
- Posts: 20652
- Joined: Mon Aug 29, 2005 10:17 am
- Location: Netherlands/ Germany/ S'pore/Bogor/ North America
- Contact:
Re: Security Report
That is not a suspected Iframe...You are hacked as simple as that...iFrame is visible in the code. Changing permissions afterwards makes no sense and you need to follow the instructions provided above by Mandville to clear your site
Leo
Leo
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Upgrading from Joomla 1.6.4 to 1.6.5
I cant find the update for 1.6.5 but can find only the 1.7.0 version
Extension Mgr > Update Tab > Find updates
Also I can't manually upload & install the 1.6.4 to 1.6.5 .zip file.
It shows an error : Can't find xml file
Extension Mgr > Update Tab > Find updates
Also I can't manually upload & install the 1.6.4 to 1.6.5 .zip file.
It shows an error : Can't find xml file
You do not have the required permissions to view the files attached to this post.
- leolam
- Joomla! Master
- Posts: 20652
- Joined: Mon Aug 29, 2005 10:17 am
- Location: Netherlands/ Germany/ S'pore/Bogor/ North America
- Contact:
Re: Security Report
Do not double post I have reacted to the same question elsewhere Manjunath! http://forum.joomla.org/viewtopic.php?f ... 8#p2564398
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: Upgrading from Joomla 1.6.4 to 1.6.5
for your informationManjunath S wrote:I cant find the update for 1.6.5 but can find only the 1.7.0 version
E
for your action[20110701]
Inadequate escaping leads to XSS vulnerability.
Affected Installs
Joomla! version 1.6.5 and all earlier 1.6.x versions
Solution
Upgrade to the latest Joomla! version (1.7.0 or later)
A Safe route for disaster relief
[*] save the configuration.php file and your images and personal files one by one, (not the folder as it may contain unwanted files)
[*] wipe the entire folder where Joomla! is installed
[*] upload a new clean full package latest version of joomla (minus the install folder)
[*] reupload your configuration file & images., templates (even better is to use original clean copies to ensure that the hacker/defacer did not leave any shell script files in your site)
[*] reupload or reinstall the latest versions of your extensions , templates (even better is to use original clean copies to ensure that the hacker/defacer did not leave any shell script files in your site)
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Re: Security Report
Hi Mandville,
As of now my Joomla ersion is 1.6.5, but m unable to update to 1.7.0
So now I m taking back up of my site to proceed with the manual upgradation procedure.
As of now my Joomla ersion is 1.6.5, but m unable to update to 1.7.0
So now I m taking back up of my site to proceed with the manual upgradation procedure.
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: Security Report
NO.Manjunath S wrote:Hi Mandville,
As of now my Joomla ersion is 1.6.5, but m unable to update to 1.7.0
So now I m taking back up of my site to proceed with the manual upgradation procedure.
do a full reinstall after following the A Safe route for disaster relief bit that says to wipe your directory or you WILL be hacked again.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
Re: Security Report
Also changing the permissions of configuration.php from 777 to 755 is incorrect. the correct MAXIMUM permission level for files is 644 and the MAXIMUM permission level of directories are 755. the normal permission level of configuration.php is 444 and should not be higher than 644 for any reason. I should have made that clear in my earlier post.
PhilD
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
Re: Internet Explorer Issue
So are you saying I should change permissions of all files to 644 ?
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
Re: Internet Explorer Issue
Yes that is what all files permissions should be set to. 644
All directories should be set to 755
All directories should be set to 755
PhilD
-
- Joomla! Intern
- Posts: 76
- Joined: Wed Jun 22, 2011 8:36 am
I Frame Trojan Attack
My Joomla doesn't upgrade from 1.6.5 to 1.7 as well
[quote="JTS-post Problem Description"]I Frame Trojan Attack[/quote]
[quote="JTS-post Problem Description"]I Frame Trojan Attack[/quote]
JTS-post Diagnostic Information wrote:Joomla! Version: Joomla! 1.6.5 Stable [ Onward ] 11-Jul-2011 23:00 GMT
configuration.php: Writable (Mode: 644 ) | Architecture/Platform: Linux 2.6.9-89.0.18.ELsmp ( x86_64) | Web Server: Apache ( http://www.t allyway.com ) | PHP Version: 5.2.9
PHP Requirements: register_globals: Disabled | magic_quotes_gpc: Disabled | safe_mode: Disabled | MySQL Support: Yes | XML Support: Yes | zlib Support: Yes
mbstring Support (1.5 or above): Yes | iconv Support (1.5 or above): Yes | save.session_path: Writable | Max. Execution Time: 240 seconds ( now, but user had to increase from 30 ) | File Uploads: Enabled
MySQL Version: ( )
JTS-post Extended Information wrote:SEF: Enabled (without ReWrite) | Legacy Mode: N/A | FTP Layer: N/A | htaccess: Implemented
PHP/suExec: User and Web Server accounts are the same. (PHP/suExec probably installed)
PHP Environment: API: cgi-fcgi | MySQLi: Yes | Max. Memory: 96M ( now, but user had to increase from 24M ) | Max. Upload Size: 20M | Max. Post Size: 22M | Max. Input Time: 60 | Zend Version: 2.2.0
Disabled Functions:
MySQL Client: 4.1.22 ( )
- Azmo
- Joomla! Guru
- Posts: 582
- Joined: Wed Apr 06, 2011 6:31 pm
- Location: Maryland, USA
- Contact:
Re: I Frame Trojan Attack
You were already given all the instructions you need in this thread: http://forum.joomla.org/viewtopic.php?p=2564595 Keep your questions in that thread and follow their instructions.
This thread should be closed/deleted as duplicate.
This thread should be closed/deleted as duplicate.
If I give you an outside solution, I have no affiliation with that product. I may use it, but that is the end of the relationship.