SQL Injection Hack - 2007/09/14 13:14
I was checking my Google webmaster stats and found a hacker site in another language linking to my site and targeting my domain! I couldn't read anything, but the category was in English and the subject was SQL Injection. I checked here and found the 1.1.1 upgrade, but then it dawned on me....
For the last month, one of my #1 Google searches was for "index.php?option=com_gmaps"
I just figured it was someone interested in gmaps and wanting to see sites, but I just put 2 & 2 together and realized hackers are searching on that string to find vulnerable sites!
So, my request would be some way to abstract Gmaps out of the URL. I'm going to change my OpenSEF settings as well.
Phew, glad I caught it in time!!!
Re:SQL Injection Hack - 2007/09/14 19:45
FYI. I have searched for hacker sites to see if they mention any other vulnerabilities but I have yet to find one that shows anything but the SQL injection issue that was reported to us. As soon as it was reported to us, we closed the hole and made the update available as quickly as possible. If you haven't done so already, please download and install the most recent build.
Re:SQL Injection Hack - 2007/09/14 20:07
Oh yeah, I upgraded immediately. I totally understand and thank you much for supporting the app and fixing the vulnerability!
I was trying to point out that it's important for webmasters to check their search history from Google, and if you see hit activity on searches for Joomla components, be aware! It's probably hackers checking to see if you have something installed.
Here are the hackers' Google searches on my site in August:
"index php option com_gmaps"
inurl:index.php?option=com_gmaps
"/index.php?option=com_gmaps"
"org/index.php?option=com_gmaps" (I guess they figure orgs are easy prey!)
allinurl:"index.php?option=com_gmaps"
Regards, --Ken--
Post edited by: klh, at: 2007/09/14 20:14
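The advice above (watch for search traffic that names a component rather than a topic) can also be checked from the web server's own logs, since a click on a Google result carries the search terms in the Referer header. The following script is an added example, not code from this thread or from the Gmaps project; it assumes Apache "combined" log format and a Google referer with the query in a `q` parameter, and the log lines are constructed samples.

```python
import re
from urllib.parse import urlparse, parse_qs

# Constructed sample lines in Apache "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [14/Sep/2007:13:02:11 +0000] "GET /index.php?option=com_gmaps&Itemid=12 HTTP/1.1" 200 5120 "http://www.google.com/search?q=inurl%3Aindex.php%3Foption%3Dcom_gmaps" "Mozilla/5.0"
198.51.100.9 - - [14/Sep/2007:13:05:42 +0000] "GET /index.php?option=com_gmaps&Itemid=12 HTTP/1.1" 200 5120 "http://www.google.com/search?q=joomla+google+maps+component" "Mozilla/5.0"
192.0.2.77 - - [14/Sep/2007:13:09:03 +0000] "GET /index.php?option=com_content&id=4 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.5 - - [14/Sep/2007:13:10:55 +0000] "GET /index.php?option=com_gmaps HTTP/1.1" 200 5120 "http://www.google.com/search?q=allinurl%3A%22index.php%3Foption%3Dcom_gmaps%22" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"'
)

# Search terms that point at a component name rather than a topic:
# a URL-matching operator, or the literal Joomla "option=com_..." parameter.
DORK_RE = re.compile(r'(?:inurl:|allinurl:|option=com_[a-z0-9_]+)', re.IGNORECASE)

def search_query(referer):
    """Return the search terms if the referer is a Google result page, else None."""
    if not referer or referer == "-":
        return None
    parsed = urlparse(referer)
    if "google." not in parsed.netloc:   # assumption: only Google referers are inspected
        return None
    q = parse_qs(parsed.query).get("q")  # parse_qs already percent-decodes the value
    return q[0] if q else None

def find_dork_hits(log_text):
    """Return (ip, component, query) for requests that arrived via a component-name search."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        query = search_query(m.group("ref"))
        if query is None or not DORK_RE.search(query):
            continue
        comp = re.search(r"option=(com_[a-z0-9_]+)", m.group("req"), re.IGNORECASE)
        hits.append((m.group("ip"), comp.group(1) if comp else "", query))
    return hits

if __name__ == "__main__":
    for ip, comp, query in find_dork_hits(SAMPLE_LOG):
        print(f"{ip} reached {comp} via search: {query}")
```

The second sample line (a topical search for a Joomla maps component) is deliberately not flagged; only referers whose terms name the component parameter or use a URL operator are reported.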
Re:SQL Injection Hack - 2007/09/14 20:25
I think I need to check my baseball site out. Good information. To be honest, I am not aware of how to eliminate the com_gmaps part of the URL, since I think that is mandated by the Joomla framework.
I might look into that in one of the future builds. I just have to be careful as it could impact various links one may have created on their sites.
Again, good information and thanks for sharing!
Chris