Does this look vulnerable? - Joomla! Forum - community, help and support


was hacked , html code added beez template. believe have cleaned , secure sure appreciate second look.

last php error(s) reported :: forum post assistant (v1.2.1) : 27th august 2012 wrote: in unknown on line 0
forum post assistant (v1.2.1) : 27th august 2012 wrote:
basic environment :: wrote:joomla! instance :: joomla! 1.5.26-stable (senu takaa ama busani) 27-march-2012
joomla! configured :: yes | writable (644) | owner: 4091 (uid: /gid: ) | group: 4076 (gid: ) | valid for: 1.5
configuration options :: offline: 0 | sef: 1 | sef suffix: 0 | sef rewrite: 1 | .htaccess/web.config: yes | gzip: 0 | cache: 0 | ftp layer: 1 | ssl: 0 | error reporting: -1 | site debug: 0 | language debug: 0 | database credentials present: yes

host configuration :: os: linux | os version: 2.6.18-408.8.2.el5.lve0.8.61.3 | technology: x86_64 | web server: apache | encoding: gzip, deflate | doc root: /home/tonyrett/public_html | system tmp writable: yes

php configuration :: version: 5.3.16 | php api: cgi-fcgi | session path writable: unknown | display errors: 1 | error reporting: 22519 | log errors to: error_log | last known error: 27th august 2012 15:47:18. | register globals: | magic quotes: 1 | safe mode: | open base: | uploads: 1 | max. upload size: 2m | max. post size: 8m | max. input time: 60 | max. execution time: 30 | memory limit: 32m

mysql configuration :: version: 5.1.63-cll (client:5.1.63) | host: --protected-- (--protected--) | collation: latin1_swedish_ci (character set: latin1) | database size: 489.71 kib | #of _fpa_table: 51
detailed environment :: wrote:php extensions :: core (5.3.16) | date (5.3.16) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7-dev) | zlib (1.1) | bcmath () | bz2 () | calendar () | ctype () | curl () | dom (20031129) | hash (1.0) | filter (0.11.0) | ftp () | gd () | gettext () | spl (0.2) | iconv () | session () | json (1.2.1) | mbstring () | mcrypt () | mysql (1.0) | mysqli (0.1) | posix () | pspell () | reflection ($id: 23c90449811cd1a9c860b115456b64946c2823a9 $) | standard (5.3.16) | imap () | simplexml (0.1) | soap () | sockets () | exif (1.4 $id$) | tidy (2.0) | tokenizer (0.1) | wddx () | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | cgi-fcgi () | uploadprogress (1.0.3.1) | timezonedb () | pdo (1.0.4dev) | pdo_sqlite (1.0.1) | sqlite (2.0-dev) | pdo_mysql (1.0.2) | memcache (3.0.3) | ioncube loader () | zend guard loader () | zend engine (2.3.0) |
potential missing extensions :: suhosin |

switch user environment (experimental) :: php cgi: yes | server su: no | php su: yes | custom su (litespeed/cloud/grid): no
potential ownership issues: maybe
folder permissions :: wrote:core folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

elevated permissions (first 10) :: none
database information :: wrote:database _fpa_stats :: uptime: 10138 | threads: 12 | questions: 2958488 | slow queries: 5 | opens: 65380 | flush tables: 1 | open tables: 1029 | queries per second avg: 291.821 |
extensions discovered :: wrote:components :: site :: mailto (1.5.0) | user (1.5.0) | wrapper (1.5.0) |
components :: admin :: plugin manager (1.5.0) | gallery2 bridge plugin (1.0.2) | jmovies plugin (1.5.0) | eventlist plugin (1.0.0) | sobi2 plugin (1.5.1) | virtuemart plugin (1.1.4) | web links plugin (1.5.1) | acymailing plugin (1.0.0) | rapid recipe plugin (1.0.0) | remository plugin (1.0.3) | sectionex plugin (1.0.2) | myblog plugin (1.5.1) | contacts plugin (1.0.1) | joomdoc extension (1.0.0) | rokdownloads plugin (1.0.4) | lknanswers plugin (1.5.0) | rd-autos plugin (1.5.0) | content plugin (1.5.1) | docman plugin (1.5.0) | hot property plugin (1.0.1) | kunena plugin (1.0.1) | cms shop builder plugin (1.5.0) | agora plugin (1.0.0) | jcalpro plugin (1.0.0) | rsgallery2 extension (1.0.0) | jdownloads plugin (1.5.1) | glossary plugin (1.5.1) | joomgallery plugin (1.5.1) | jevents plugin (1.0.3) | knowledgebase plugin (1.0.0) | mosets tree plugin (1.0.1) | jomres plugin (1.0) | joomsuite resources plugin (1.0.0) | xmap (1.2.10) | user manager (1.5.0) | installation manager (1.5.0) | control panel (1.5.0) | polls (1.5.0) | content page (1.5.0) | newsfeeds (1.5.0) | template manager (1.5.0) | media manager (1.5.0) | phocamaps (1.1.0) | frontpage (1.5.0) | encrypt_configuration (1.8.2) | system - password encrypt (1.6.6) | language manager (1.5.0) | cache manager (1.5.0) | messaging (1.5.0) | mass mail (1.5.0) | search (1.5.0) | weblinks (1.5.0) | module manager (1.5.0) | configuration manager (1.5.0) | banners (1.5.0) | contact items (1.0.0) | menus manager (1.5.0) | akeeba (3.3.11) | trash (1.0.0) |

modules :: site :: most read content (1.5.0) | archived content (1.5.0) | breadcrumbs (1.5.0) | horizontal slideshow (1.8) | feed display (1.5.0) | footer (1.5.0) | gallery view (1.0.3) | custom html (1.5.0) | j!analytics (1.3.0) | syndicate (1.5.0) | who\'s online (1.0.0) | poll (1.5.0) | related items (1.0.0) | statistics (1.5.0) | random image (1.5.0) | latest news (1.5.0) | find on facebook (1.1.3) | search (1.0.0) | login (1.5.0) | sections (1.5.0) | menu (1.5.0) | newsflash (1.5.0) | wrapper (1.0.0) | banner (1.5.0) |
modules :: admin :: unread items (1.0.0) | feed display (1.5.0) | footer (1.0.0) | latest news (1.0.0) | akeeba backup notification mod (3.3.11) | quick icons (1.0.0) | admin submenu (1.0.0) | custom html (1.5.0) | logged in users (1.0.0) | popular items (1.0.0) | title (1.0.0) | admin menu (1.0.0) | user status (1.5.0) | items stats (1.0.0) | toolbar (1.0.0) | login form (1.0.0) | online users (1.0.0) |

plugins :: site :: user - example (1.0) | user - joomla! (1.5) | system - marco's sql injection (1.1.0) | system - log (1.5) | system - password encrypt (1.6.6) | system - jlmetagenerator (0.1) | system - legacy (1.5) | system - debug (1.5) | system - backlinks (1.5) | security - jhackguard (1.0.11) | system - remember me (1.5) | system - sef (1.5) | system - cache (1.5) | system - mootools upgrade (1.5) | system - adminexile (1.4) | authentication - ldap (1.5) | authentication - example (1.5) | authentication - openid (1.5) | authentication - gmail (1.5) | authentication - joomla (1.5) | simple image gallery plug (1.6.2) | content - email cloaking (1.5) | content - code highlighter (ge (1.5) | content - image gallery - sigp (1.3.1.8) | enbed pdf's (1.7) | content - page navigation (1.5) | content - example (1.0) | content - load modules (1.5) | content - [youtube] video embedd (1.1) | content - pagebreak (1.5) | content - vote (1.5) | search - contacts (1.5) | search - weblinks (1.5) | search - sections (1.5) | search - categories (1.5) | search - content (1.5) | search - newsfeeds (1.5) | button - image (1.0.0) | button - pagebreak (1.5) | button - readmore (1.5) | editor - tinymce 3 (3.2.6) | editor - xstandard lite jo (1.0) | xml-rpc - blogger api (1.0) | xml-rpc - joomla api (1.0) |
templates discovered :: wrote:templates :: site :: rettigframes_1024 (1.0) | rettigframes_1000 (1.0) | rettig new header (1.0) | rettig new headerfplhm25center (1.0) | rettig new header contact (1.0) |
templates :: admin :: khepri (1.0) |

did follow checklist 7 ? or sticky , "before post read this"?





Comments

Post a Comment