The Joomla! Forum ™

Download

Demo


Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x » 3rd Party/Non Joomla! Security Issues



Post new topic Reply to topic  Page 1 of 1
  [ 19 posts ] 
  Print view Previous topic | Next topic 
Author Message
Joo
PostPosted: Wed Jul 19, 2006 2:48 pm 
User avatar
Joomla! Intern
Joomla! Intern

Joined: Fri Nov 25, 2005 2:49 pm
Posts: 67
A couple of days ago, I was hacked through SMF just one day after forum setup. The hacker got in through some some dirs which had permission 777. I fixed it and everything was working as it should. Today, when I clicked the menu link for the forum, the page began to flicker and I could see on status bar it was requestion a page repeadetly. Then it all stops and all what's left to see is the header part (of Joomla!). Everything else is blank. No forum. The strange thing here is that this happens only in IE, not in Firefox. But how could this happen if no one has altered anything since I left working fine? anyone here experiencing the same problem? I went through my directoris and files and couldn't find anything suspicious.

_________________
http://www.webdesigngold.com
Web Design Resources


Last edited by Joo on Sun Jul 23, 2006 1:37 pm, edited 1 time in total.

Top
 Profile  
 
mauri
 Post subject: Re: Hacked Again? (SMF)
PostPosted: Wed Jul 19, 2006 4:16 pm 
Joomla! Intern
Joomla! Intern

Joined: Mon Aug 22, 2005 6:47 pm
Posts: 64
Can you give this site URL

here or PM
Top
 Profile  
 
drummergirl
 Post subject: Re: Hacked Again? (SMF)
PostPosted: Wed Jul 19, 2006 5:54 pm 
User avatar
Joomla! Explorer
Joomla! Explorer

Joined: Wed Feb 22, 2006 9:51 pm
Posts: 322
Location: Illinois
Check your index page and make sure you have the correct code inserted for SMF to work with IE:



I had this problem last week and it was becasue I had accidentally removed that line of code. 

_________________
Gretchen
http://www.GirlsCantWhat.com
Top
 Profile  
 
RobS
 Post subject: Re: Hacked Again? (SMF)
PostPosted: Wed Jul 19, 2006 6:32 pm 
User avatar
Joomla! Ace
Joomla! Ace

Joined: Mon Dec 05, 2005 10:17 am
Posts: 1367
Location: New Orleans, LA, USA
Bleh.  That is a bad line of code.  $GLOBALS should not be used anymore.  It is deprecated and insecure.  Is this a hack to the component or something that comes with it?

_________________
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
Top
 Profile  
 
drummergirl
 Post subject: Re: Hacked Again? (SMF)
PostPosted: Wed Jul 19, 2006 6:37 pm 
User avatar
Joomla! Explorer
Joomla! Explorer

Joined: Wed Feb 22, 2006 9:51 pm
Posts: 322
Location: Illinois
Yeah - I was just about to post back and say I discovered Orstio has new update to the bridge:

http://www.simplemachines.org/community ... ic=97649.0

The new bridge (1.1.5a) does not require that code in the template anymore.

I'm updating my site with it right now...

_________________
Gretchen
http://www.GirlsCantWhat.com
Top
 Profile  
 
Joo
 Post subject: Re: Hacked Again? (SMF)
PostPosted: Thu Jul 20, 2006 10:05 am 
User avatar
Joomla! Intern
Joomla! Intern

Joined: Fri Nov 25, 2005 2:49 pm
Posts: 67
I have the latest versions of everything.
Sorry, I don't want to post the site in public yet. I've sent the url to you Mauri.
I'm beginning to believe this issue has to do with my Gallery2 installation. Which was made after SMF. So I didn't tell the whole truth about nothing had been changed. In fact, I tried this solution and at ONE occasion it worked, then stopped working again.

_________________
http://www.webdesigngold.com
Web Design Resources
Top
 Profile  
 
mauri
 Post subject: Re: Hacked Again? (SMF)
PostPosted: Thu Jul 20, 2006 10:28 am 
Joomla! Intern
Joomla! Intern

Joined: Mon Aug 22, 2005 6:47 pm
Posts: 64
I test your site with IE 6 browser and it works well , foorum too.  :D
Now Iam job. When I come home I try test more with my home PC, .
I am thinking if it´s Your IE browser something wrong.
Mauri
Top
 Profile  
 
Joo
 Post subject: Re: Hacked Again? (SMF)
PostPosted: Thu Jul 20, 2006 11:55 am 
User avatar
Joomla! Intern
Joomla! Intern

Joined: Fri Nov 25, 2005 2:49 pm
Posts: 67
Thanks Mauri for ckecking it for me. I did ask a friend to test it and he said he had the same problem as I did. However, now when you said it's working, I asked him to check again and it's working (after some flickering he said). I believe the tweek I did helped after all. But somehow, not when viewd with my computer. I'm using the latest IE 6 and service pack 2. I do have many issues with Joomla admin panel that are javascript related. In Firefox there aren't such problems.

_________________
http://www.webdesigngold.com
Web Design Resources
Top
 Profile  
 
mauri
 Post subject: Re: Hacked Again? (SMF)
PostPosted: Thu Jul 20, 2006 1:25 pm 
Joomla! Intern
Joomla! Intern

Joined: Mon Aug 22, 2005 6:47 pm
Posts: 64
I send you PM
Top
 Profile  
 
mauri
 Post subject: Re: Hacked Again? (SMF)
PostPosted: Thu Jul 20, 2006 2:49 pm 
Joomla! Intern
Joomla! Intern

Joined: Mon Aug 22, 2005 6:47 pm
Posts: 64
Maybe there are CSS conflict , Joomla template CSS and SMF style CSS.
Top
 Profile  
 
Joo
 Post subject: Re: Hacked Again? (SMF)
PostPosted: Sun Jul 23, 2006 1:37 pm 
User avatar
Joomla! Intern
Joomla! Intern

Joined: Fri Nov 25, 2005 2:49 pm
Posts: 67
Problem solved! And believe it or not, that "deprecated" line of code that drummergirl mentionned did fix the problem. It was Orstio back at SMF forums who told me to add it. That, despite of him saying in the bridge's thread that for Joomla!, you don't need to add it. Only for Mambo.
Thanks to all who tried to help.

_________________
http://www.webdesigngold.com
Web Design Resources


Last edited by Joo on Sun Jul 23, 2006 2:16 pm, edited 1 time in total.

Top
 Profile  
 
troyDoogle7
PostPosted: Sun Jul 23, 2006 1:51 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Wed Oct 12, 2005 5:16 pm
Posts: 19
I would love their to be an auto update feature for addons. I hope this will be included in 1.5 . I have had to disable all smf componets on my site. Its a pain, but they weren't adding much to the site anyway.
Top
 Profile  
 
drummergirl
PostPosted: Sun Jul 23, 2006 1:58 pm 
User avatar
Joomla! Explorer
Joomla! Explorer

Joined: Wed Feb 22, 2006 9:51 pm
Posts: 322
Location: Illinois
FYI - I still need to use that code in my templates as well.  Even with all the latest updates.  I will report this to Orstio.

_________________
Gretchen
http://www.GirlsCantWhat.com
Top
 Profile  
 
Joo
PostPosted: Sun Jul 23, 2006 2:18 pm 
User avatar
Joomla! Intern
Joomla! Intern

Joined: Fri Nov 25, 2005 2:49 pm
Posts: 67
Now I really need to know how bad that line of code is.. Does it compromise the site security in general? Is there a better option instead of using it? Thanks.

_________________
http://www.webdesigngold.com
Web Design Resources
Top
 Profile  
 
troyDoogle7
PostPosted: Sun Jul 23, 2006 3:15 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Wed Oct 12, 2005 5:16 pm
Posts: 19
The guys script opened a terminal onto my server and full read write/ rename access to everything on the server. 
Top
 Profile  
 
mauri
PostPosted: Wed Jul 26, 2006 3:42 pm 
Joomla! Intern
Joomla! Intern

Joined: Mon Aug 22, 2005 6:47 pm
Posts: 64
drummergirl wrote:
FYI - I still need to use that code in my templates as well.  Even with all the latest updates.  I will report this to Orstio.

Have you get answer. Must we use that row in newest SMF  + bridge ?
Top
 Profile  
 
Kindred
PostPosted: Wed Jul 26, 2006 6:37 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Thu Aug 18, 2005 8:43 pm
Posts: 182
SOME servers still require that line of code to be added in the joomla template. The bridge readme indicates that...

If you are using SMF 1.1RC2 and bridge 1.1.5a, there should be no security risk.
If you are not using 1.1.5a, then you should upgrade asap.


TroyDoogle,

Why did you have to unpublish all of your smf modules?  I have every single SMF module working properly with 1.1.5a of the bridge (although you will have to use the update versions. The versions from the 3.19a era bridge will not work with 1.1.3 or above)
Top
 Profile  
 
mauri
PostPosted: Wed Jul 26, 2006 6:58 pm 
Joomla! Intern
Joomla! Intern

Joined: Mon Aug 22, 2005 6:47 pm
Posts: 64
OK
I gues, if you use Joomla 1.0.10 and SMF-bridge 1.5.0a, that row .. uses Joomla emulation $globals.. and it´s safe.
It would be nice if Orstio comment, that it´s safe to use that row?
Top
 Profile  
 
drummergirl
PostPosted: Wed Jul 26, 2006 10:20 pm 
User avatar
Joomla! Explorer
Joomla! Explorer

Joined: Wed Feb 22, 2006 9:51 pm
Posts: 322
Location: Illinois
Orstio just replied to my post at SMF and it is NOT a security risk to keep that code in the template. 

_________________
Gretchen
http://www.GirlsCantWhat.com
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 19 posts ] 


Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x » 3rd Party/Non Joomla! Security Issues

Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group