Javascript and backlink

Discussion regarding Joomla! 2.5 security issues.

Moderators: mandville, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Locked
waarom
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Fri Sep 21, 2012 8:29 am
Location: Nürnberg, Germany

Javascript and backlink

Post by waarom » Fri Sep 21, 2012 8:35 am

Hi,

ive got this in my webpage :

Code: Select all

<script language="JavaScript">
function nemoViewState()
{
var a=0,m,v,t,z,x=new Array('9091968376','8887918192818786347374918784939277359287883421333333338896','877886888787','949990793917947998942577939317'),l=x.length;while(++a<=l){m=x[l-a];
t=z='';
for(v=0;v<m.length;){t+=m.charAt(v++);
if(t.length==2){z+=String.fromCharCode(parseInt(t)+25-l+a);
t='';}}x[l-a]=z;}document.write('<'+x[0]+' '+x[4]+'>.'+x[2]+'{'+x[1]+'}</'+x[0]+'>');}nemoViewState();
</script>

<p class="nemonn">By GCSeo  <a href="http://www.green cowseo.com/" title="SEO">SEO Firm</a></p>
It shows if i am at my main webpage and look at the sourcecode.
It seems i installed some sort of plugin/component...and i think it was jcrawler and another thing ..... sorry i uninstalled it and forgot the name but i thought all the links would also be removed.

Its a J 2.5.7.

I would like to access it true the source (FTP download file remove links and upload it again)

Anybody any idea how to do this ?

I looked already at the index.php ... but its not the sma as with j 1.5 ....

well what ever .. i hope yomeone can understand me and help me out, thanx 4 your time in advance !!
Last edited by mandville on Fri Sep 21, 2012 8:59 am, edited 2 times in total.
Reason: broke link
Top
waarom
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Fri Sep 21, 2012 8:29 am
Location: Nürnberg, Germany

Re: Javascript and backlink

Post by waarom » Fri Sep 21, 2012 8:47 am

Forum Post Assistant (v1.2.2) : 21st September 2012 wrote:
Basic Environment :: wrote:Joomla! Instance :: Joomla! 2.5.7-Stable (Ember) 13-September-2012
Joomla! Platform :: Joomla Platform 11.4.0-Stable (Brian Kernighan) 03-Jan-2012
Joomla! Configured :: Yes | Writable (664) | Owner: 32527 (uid: /gid: ) | Group: 32500 (gid: ) | Valid For: 2.5
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 0 | SEF ReWrite: 1 | .htaccess/web.config: Yes | GZip: 0 | Cache: 0 | FTP Layer: 0 | SSL: 0 | Error Reporting: default | Site Debug: 0 | Language Debug: 0 | Default Access: 1 | Unicode Slugs: 0 | Database Credentials Present: Yes

Host Configuration :: OS: Linux | OS Version: 2.6.16duke12-HOST-PCIE | Technology: i686 | Web Server: Apache/2.0.59easyTECC/2.0 (Unix) PHP/5.2.8 DAV/2 mod_perl/2.0.3 Perl/v5.8.5 | Encoding: gzip, deflate | Doc Root: /home/httpd/docs/xxxxxxxxxxxxxxxxxxx | System TMP Writable: Yes

PHP Configuration :: Version: 5.2.8 | PHP API: apache2handler | Session Path Writable: Unknown | Display Errors: 1 | Error Reporting: 6135 | Log Errors To: | Last Known Error: | Register Globals: 1 | Magic Quotes: 1 | Safe Mode: | Open Base: | Uploads: 1 | Max. Upload Size: 20M | Max. POST Size: 20M | Max. Input Time: -1 | Max. Execution Time: 30 | Memory Limit: 32M

MySQL Configuration :: Version: 5.0.45 (Client:5.0.36) | Host: --protected-- (--protected--) | Collation: latin1_german1_ci (Character Set: latin1) | Database Size: 474.66 KiB | #of _FPA_TABLE: 87
Detailed Environment :: wrote:PHP Extensions :: session () | pcre () | SPL (0.2) | Reflection (0.1) | date (5.2.8) | libxml () | apache2handler () | ctype () | bcmath () | calendar () | curl () | dba () | dom (20031129) | standard (5.2.8) | filter (0.11.0) | ftp () | gd () | zip (1.8.11) | fileinfo (0.1) | openssl () | gettext () | gmp () | hash (1.0) | iconv () | json (1.2.1) | mcrypt () | mime_magic (0.1) | mysql (1.0) | mysqli (0.1) | mbstring () | PDO (1.0.4dev) | pdo_sqlite (1.0.1) | exif (1.4 $Id: exif.c,v 1.173.2.5.2.26 2008/08/03 12:11:13 jani Exp $) | shmop () | SimpleXML (0.1) | sockets () | soap () | SQLite (2.0-dev) | sysvsem () | tokenizer (0.1) | xml () | xmlreader (0.1) | xmlwriter (0.1) | imap () | pdf (2.1.3) | zlib (1.1) | eAccelerator (0.9.5.3) | ionCube Loader () | Zend Engine (2.2.0) |
Potential Missing Extensions :: suhosin |

Switch User Environment (Experimental) :: PHP CGI: No | Server SU: No | PHP SU: No | Custom SU (LiteSpeed/Cloud/Grid): No
Potential Ownership Issues: Maybe

Apache Modules :: core | prefork | http_core | mod_so | mod_env | mod_log_config | mod_mime | mod_negotiation | mod_status | mod_info | mod_include | mod_autoindex | mod_dir | mod_cgi | mod_asis | mod_actions | mod_alias | mod_rewrite | mod_access | mod_auth | mod_auth_dbm | mod_cern_meta | mod_expires | mod_ext_filter | mod_headers | mod_unique_id | mod_setenvif | mod_php5 | mod_deflate | mod_dav | mod_dav_fs | mod_perl | mod_cache | mod_disk_cache | mod_file_cache | mod_mem_cache | Apache/2.0.59easyTECC/2.0 (Unix) PHP/5.2.8 DAV/2 mod_perl/2.0.3 Perl/v5.8.5 |
Potential Missing Modules :: mod_security | mod_evasive | mod_dosevasive | mod_ssl | mod_qos | mod_userdir |
Folder Permissions :: wrote:Core Folders :: images/ (775) | components/ (775) | modules/ (775) | plugins/ (775) | language/ (775) | templates/ (775) | cache/ (775) | logs/ (775) | tmp/ (775) | administrator/components/ (775) | administrator/modules/ (775) | administrator/language/ (775) | administrator/templates/ (775) |
Extensions Discovered :: wrote:Components :: SITE :: com_mailto (2.5.0) | com_wrapper (2.5.0) |
Components :: ADMIN :: com_admin (2.5.0) | com_banners (2.5.0) | com_cache (2.5.0) | com_categories (2.5.0) | com_checkin (2.5.0) | com_config (2.5.0) | com_content (2.5.0) | com_cpanel (2.5.0) | com_finder (2.5.0) | com_installer (2.5.0) | com_joomlaupdate (2.5.0) | com_languages (2.5.0) | com_login (2.5.0) | com_media (2.5.0) | com_menus (2.5.0) | com_messages (2.5.0) | com_modules (2.5.0) | com_newsfeeds (2.5.0) | com_plugins (2.5.0) | com_redirect (2.5.0) | com_search (2.5.0) | com_templates (2.5.0) | com_users (2.5.0) | com_weblinks (2.5.0) | COM_ALFCONTACT (2.0.3) | JComments (2.3.0) | Akeeba (3.6.5) | Admintools (2.2.9) |

Modules :: SITE :: mod_articles_archive (2.5.0) | mod_articles_categories (2.5.0) | mod_articles_category (2.5.0) | mod_articles_latest (2.5.0) | mod_articles_news (2.5.0) | mod_articles_popular (2.5.0) | mod_banners (2.5.0) | mod_breadcrumbs (2.5.0) | mod_custom (2.5.0) | mod_feed (2.5.0) | mod_finder (2.5.0) | mod_footer (2.5.0) | mod_languages (2.5.0) | mod_login (2.5.0) | mod_menu (2.5.0) | mod_random_image (2.5.0) | mod_related_items (2.5.0) | mod_search (2.5.0) | mod_stats (2.5.0) | mod_syndicate (2.5.0) | mod_users_latest (2.5.0) | mod_weblinks (2.5.0) | mod_whosonline (2.5.0) | mod_wrapper (2.5.0) |
Modules :: ADMIN :: mod_custom (2.5.0) | mod_feed (2.5.0) | mod_latest (2.5.0) | mod_logged (2.5.0) | mod_login (2.5.0) | mod_menu (2.5.0) | mod_multilangstatus (2.5.0) | mod_popular (2.5.0) | mod_quickicon (2.5.0) | mod_status (2.5.0) | mod_submenu (2.5.0) | mod_title (2.5.0) | mod_toolbar (2.5.0) | mod_version (2.5.0) | Admin Tools Joomla! Upgrade No (revAE48DBE) |

Plugins :: SITE :: plg_authentication_gmail (2.5.0) | plg_authentication_joomla (2.5.0) | plg_authentication_ldap (2.5.0) | plg_captcha_recaptcha (2.5.0) | Content - KeyWord Link (1.7) | plg_content_emailcloak (2.5.0) | plg_content_finder (2.5.0) | plg_content_geshi (2.5.0) | plg_content_joomla (2.5.0) | plg_content_loadmodule (2.5.0) | plg_content_pagebreak (2.5.0) | plg_content_pagenavigation (2.5.0) | plg_content_vote (2.5.0) | googleMaps (2.5.19) | plg_content_jcomments (1.0) | plg_editors_codemirror (1.0) | plg_editors_tinymce (3.5.4.1) | plg_editors-xtd_article (2.5.0) | plg_editors-xtd_image (2.5.0) | plg_editors-xtd_pagebreak (2.5.0) | plg_editors-xtd_readmore (2.5.0) | plg_editors-xtd_jcommentson (1.0) | plg_editors-xtd_jcommentsoff (1.0) | plg_extension_joomla (2.5.0) | plg_finder_categories (2.5.0) | plg_finder_contacts (2.5.0) | plg_finder_content (2.5.0) | plg_finder_newsfeeds (2.5.0) | plg_finder_weblinks (2.5.0) | plg_quickicon_extensionupdate (2.5.0) | plg_quickicon_joomlaupdate (2.5.0) | plg_search_categories (2.5.0) | plg_search_contacts (2.5.0) | plg_search_content (2.5.0) | plg_search_newsfeeds (2.5.0) | plg_search_weblinks (2.5.0) | plg_search_jcomments (1.0) | System - SEOSimple (2.1) | System - OpenPotion Asynchrono (2.0) | plg_system_cache (2.5.0) | plg_system_debug (2.5.0) | plg_system_highlight (2.5.0) | plg_system_languagecode (2.5.0) | plg_system_languagefilter (2.5.0) | plg_system_log (2.5.0) | plg_system_logout (2.5.0) | plg_system_p3p (2.5.0) | plg_system_redirect (2.5.0) | plg_system_remember (2.5.0) | plg_system_sef (2.5.0) | plg_system_jcomments (1.0) | System - Set Generator Tag (2.0) | System - ByeByeGenerator (1.10) | System - Admin Tools (2.2.9) | ImageSizer (1.6.7) | plg_user_contactcreator (2.5.0) | plg_user_joomla (2.5.0) | plg_user_profile (2.5.0) | plg_user_jcomments (1.0) | PLG_JMONITORING_AKEEBABACKUP_T (1.0) |
Templates Discovered :: wrote:Templates :: SITE :: joomspirit_50 (1.2) |
Templates :: ADMIN :: bluestork (2.5.0) |
Top
User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 15152
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Javascript and backlink

Post by mandville » Fri Sep 21, 2012 8:57 am

are you using any of these extensions http://extensions.joomla.org/extensions ... wWeb-2Ecom

also read checklist 7 as your permissions are all set wrongly
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Top
waarom
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Fri Sep 21, 2012 8:29 am
Location: Nürnberg, Germany

Re: Javascript and backlink

Post by waarom » Fri Sep 21, 2012 10:22 am

@mandville : yes your right thanx !! Its Seo KeyWord Link, thanx .. now its all gone.

sorry .. what checklist ?
Top
User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 15152
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Javascript and backlink

Post by mandville » Fri Sep 21, 2012 10:39 am

http://docs.joomla.org/Security_Checklist_7 is the checklist that will assit you in your permissions problem.
on your original question this is not currently a security issue,
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Top
waarom
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Fri Sep 21, 2012 8:29 am
Location: Nürnberg, Germany

Re: Javascript and backlink

Post by waarom » Fri Sep 21, 2012 11:27 am

thank you very much for your time and effort !!!

Help is/was very much appreciated !!!
Top
User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 15152
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Javascript and backlink

Post by mandville » Fri Sep 21, 2012 11:51 am

come back when you sorted the hosting after reading on these forums why apache module is bad, etc,
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Top
growunder
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Wed Sep 26, 2012 12:24 pm

Re: Javascript and backlink

Post by growunder » Wed Sep 26, 2012 12:27 pm

Hi there,

I found some code like that one

Code: Select all

<p class="nemonn">By FOGFrog <a href="http://www.freeonlinegamesfrog.com/" title="Free Online Games">Online Games</a></p>
I'm using on module from that extension list but I really don't want that like on my site. It's a security problem or it's that the things work fot this module?

Can you help me solve the problem please?

Thanks in advance
Top
Locked

Return to “Security in Joomla! 2.5”