handyphp

Discussion regarding Joomla! 1.5 security issues.
Joomla! Vulnerable Extensions: http://feeds.joomla.org/JoomlaSecurityV ... Extensions

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Locked
User avatar
dex
Joomla! Explorer
Joomla! Explorer
Posts: 351
Joined: Tue Oct 18, 2005 9:44 pm
Location: Sydney - Australia
Contact:

handyphp

Post by dex » Tue Feb 19, 2008 12:21 am

I have just had my 1.5 stable site attacked. The infiltrator created a table called jos_handy_php and when I used site search it came up in my search results, with the title linking to handyphp.com. I've removed the table from phpmyadmin. I don't know how to find out how they got in though.

I'm running: Fireboard 1.0.3, Community Builder 1.1, JoomlaCloner 1.9.2, Acajoom 1.5.0, Events 1.4.2, Jim 1.0.1 (the fixed version), JoomlaXplorer 1.6.1, Maxcomment 1.0.5

None of these is current on the 3pd vulnerabilities list. Does anyone know how they got in please?

thx
Dex
Joomla implementor
http://www.spikesystems.com.au
http://www.joomla.org.au - Aussie Joomla user groups & events

User avatar
dex
Joomla! Explorer
Joomla! Explorer
Posts: 351
Joined: Tue Oct 18, 2005 9:44 pm
Location: Sydney - Australia
Contact:

Re: handyphp/Fireboard

Post by dex » Tue Feb 19, 2008 3:21 am

OK, it's not a hack. Apparently the Fireboard people have added this 'feature' to the fireboard searchbot, so that when you do a search it will show a link to them. Crafty.


Locked

Return to “Security in Joomla! 1.5”