HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 47 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Web Applicationsarrow Joomla Getting Hammered
EH-Net
May 24, 2013, 02:43:34 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Joomla Getting Hammered  (Read 7701 times)
0 Members and 1 Guest are viewing this topic.
Dark_Knight
Sr. Member
****
Offline Offline

Posts: 292


View Profile WWW
« on: April 06, 2010, 10:13:55 PM »
So I just checked out Exploit-Db and man oh man Joomla is getting hammered. Check it :http://www.exploit-db.com/webapps
Logged
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
Jhaddix
Sr. Member
****
Offline Offline

Posts: 317



View Profile WWW
« Reply #1 on: April 07, 2010, 12:51:45 AM »
I <3 JOOMLA (and Codeigniter)


gimme gimme
Logged
GSEC, GPEN, GWAPT, ECPPT, WAHHlive, LSOAdvancedPenTester

http://www.securityaegis.com
http://www.pentesterscripting.com
http://code.google.com/p/pentest-bookmarks/
j0rDy
Hero Member
*****
Offline Offline

Posts: 590


View Profile
« Reply #2 on: April 07, 2010, 05:47:20 AM »
damn smartfilter...i'll check when i get home...(better keep an eye on the updates!)

edit: not only joomla is getting hammered:

PHP 6.0 buffer overflow:
http://www.nullbyte.org.il/View_79_PHP%206.0%20Dev%20str_transliterate()%200Day%20Local%20Buffer%20Overflow%20Exploit.html
« Last Edit: April 07, 2010, 06:16:17 AM by j0rDy » Logged
ISC2 Associate, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
Ketchup
Hero Member
*****
Offline Offline

Posts: 1021



View Profile
« Reply #3 on: April 07, 2010, 07:30:06 AM »
Lots of vulnerable extensions.  I almost never run extensions on my Joomla sites, unless I have to.  Traditionally, Joomla itself has been pretty stable, but the extensions are written very poorly. 
Logged
~~~~~~~~~~~~~~
Ketchup
BillV
Hero Member
*****
Offline Offline

Posts: 1892


View Profile WWW
« Reply #4 on: April 07, 2010, 08:15:52 AM »
Yeah, I only quickly glanced but it looked like most of what's listed is additional components/extensions. Guess the lesson, for those who don't do it already, would be to inspect that stuff before just installing it onto your site.
Logged
clanggedin
Newbie
*
Offline Offline

Posts: 17


View Profile
« Reply #5 on: May 28, 2010, 03:10:08 PM »
I see Joomla sites get hacked on a daily basis. I always warn them about install components but the customers always have the "I'll never get hacked' attitude, then months later they are calling needing help in finding out how their site got hacked.  LOL.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.077 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.