JED checker rules Topic is solved


Post by jschmi » Thu Oct 06, 2022 2:17 pm

hi,

I get a warning from JAMSS - Joomla! Anti-Malware Scan Script when calling the method:

$plugin=PluginHelper::getPlugin('type', 'name');
Reason: "Pattern found#23 - shell command execution from POST/GET variables"

I think this should be corrected, as this is a well-known and valid PluginHelper method and not a POST/GET variable issue.
Last edited by imanickam on Thu Oct 06, 2022 3:00 pm, edited 1 time in total.
Reason: Moved topic » from Extensions for Joomla! 4.x to extensions.joomla.org - Feedback/Information


Re: JED checker rules

Post by SharkyKZ » Thu Oct 06, 2022 7:48 pm

What is the exact code on the line?


Re: JED checker rules

Post by toivo » Thu Oct 06, 2022 8:07 pm

The Joomla Anti Malware Scan Script (JAMSS) has not been updated for several years and "[t]his script is far from being 100% accurate". It detects patterns in ordinary code structures, for example Pattern found#17 - PHP: multiple encoded, most probably obfuscated code found #11 #27, but apparently it is only a warning and will be manually checked by the JED team.
Toivo Talikka, Global Moderator


Re: JED checker rules

Post by jschmi » Fri Oct 07, 2022 9:11 am

hi,

I still suggest correcting this issue. Though it results only in a warning, it creates at least some unnecessary irritation and checks (which happened to me).


Re: JED checker rules

Post by Physicist » Fri Oct 07, 2022 10:19 am

@jschmi Could you send me (denis.ryabov at community.joomla.org) the full text of that file? Rule #23 finds an execution command (exec, passthru, shell_exec, system, popen, proc_...) followed by $_GET or $_POST. The mentioned line doesn't match it, so the actual problem should be a few lines above or below.
Denis Ryabov, Lead Developer of Mobile Joomla! extension (https://www.mobilejoomla.com/)
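
Added example, not part of the thread and not JAMSS or JED Checker code: a simplified approximation of a rule of the kind described above (an execution function name followed by $_GET or $_POST), run in a loose and a tighter form over constructed PHP samples. The regular expressions, the 200-character window and the 'system' argument in the benign sample are assumptions chosen to show how such a rule can flag a line other than the one that uses the superglobal; the thread does not identify what triggered the warning.

```python
import re

# Function names as listed in the post; "proc_..." is covered by a prefix match.
EXEC_FUNCS = r"(exec|passthru|shell_exec|system|popen|proc_\w+)"
SUPERGLOBAL = r"\$_(?:GET|POST)\b"

# Loose variant (assumption): the name may sit inside any string or longer
# identifier, and up to 200 characters, newlines included, may separate it
# from the superglobal.
LOOSE = re.compile(EXEC_FUNCS + r".{0,200}?" + SUPERGLOBAL, re.S)

# Tighter variant (assumption): a free-standing function name, directly
# followed by "(", with the superglobal inside the same statement.
STRICT = re.compile(r"(?<![\w$>:])" + EXEC_FUNCS + r"\s*\([^;]*?" + SUPERGLOBAL)


def scan(source, pattern):
    """Return (line, name) per hit; the line is where the match starts."""
    return [(source.count("\n", 0, m.start()) + 1, m.group(1))
            for m in pattern.finditer(source)]


# Constructed sample: a plugin lookup followed by request clean-up.
# The 'system' plugin group is an assumption made for this illustration.
BENIGN = r"""<?php
use Joomla\CMS\Plugin\PluginHelper;
$plugin = PluginHelper::getPlugin('system', 'name');
foreach ($_GET as $key => $value) {
    $_GET[$key] = strip_tags($value);
}
"""

# Constructed sample of the construct the rule is meant to report.
TARGET = "<?php\nsystem($_GET['cmd']);\n"

if __name__ == "__main__":
    for label, src in (("benign", BENIGN), ("target", TARGET)):
        print(label, "loose:", scan(src, LOOSE), "strict:", scan(src, STRICT))
```

The loose form reports the benign sample at the getPlugin line, because the match starts at the function-name text and only ends at the superglobal one line later; the tighter form reports only the real call.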


Re: JED checker rules

Post by jschmi » Fri Oct 07, 2022 11:11 am

hi,

You are right... in my code I'm doing some cleanup of $_GET and $_POST variables. If I remove this code part, the JAMSS warning disappears. Can you explain/clarify why JAMSS does not point to this part of the code?


Re: JED checker rules

Post by Physicist » Fri Oct 07, 2022 11:59 am

Hmm, do you use the latest version of JEDChecker (v.2.4.1)? I'm unable to reproduce the issue with your file (though I tested it using dev snapshot, maybe there is a difference).
Denis Ryabov, Lead Developer of Mobile Joomla! extension (https://www.mobilejoomla.com/)


Re: JED checker rules

Post by jschmi » Fri Oct 07, 2022 12:53 pm

hi,

jed checker version is 2.4.1 - I get this using my code:


Re: JED checker rules

Post by jschmi » Fri Oct 07, 2022 1:03 pm

hi,

I reinstalled jedchecker with code from github - this tells me the same version (and date) but the warning disappeared with this version. It seems that the code from JED is different and causing the issue.


Re: JED checker rules

Post by sozzled » Fri Oct 07, 2022 8:15 pm

Interesting discussion!

I agree that there are differences between the JED Checker v2.4.1 downloaded from the JED and the files under development in GitHub, e.g. ../administrator/components/com_jedchecker/libraries/rules/jamss.php. I cannot confirm that JAMSS checking accurately reports issues with extensions one tests with JED Checker v2.4.1.

I raised it as an issue for the JED Checker developers: https://github.com/joomla-extensions/je ... issues/193
“If you think I’m wrong then say, ‘I think you’re wrong.’ If you say ‘You’re wrong!’, how do you know?”
Walking the talk: https://j4xdemo.enduring.com.au
:)

