Joomla 3.4.1 with K2 2.6.9 got hacked

sunconcept (Junior Member, topic author)
9 years 3 months ago #145172 by sunconcept
Joomla 3.4.1 with K2 2.6.9 got hacked was created by sunconcept
Hi Guys,

This morning I got information from one of our customers that their website had been hacked.

The hoster informed the customer that the attack came through a security hole in the K2 component.


1 Analysis
1.1 A security hole in the following software allowed the attack

- Joomla!
- Joomla! PlugIn K2

At least the following files have been abused:

./joomla_3/index.php
./joomla_3/administrator/components/com_k2/*
./joomla_3/components/com_k2/*

1.2 Through this gateway, the attackers managed to create the following content on your website:
www.xxx.de/index.php/component/k2/itemlist/user/1394


The website has the latest Joomla and the latest version of K2 installed. What more can we do for the safety of the website now?
Does this mean that now all K2 systems can be hacked? We have about 20 websites running K2 ...

We hoped that K2 v3 would be released soon, but we have been waiting for more than half a year now with no further information...

Can someone help me?

Greetings
Tobias


Krikor Boghossian (Platinum Member)
9 years 3 months ago #145182 by Krikor Boghossian
Replied by Krikor Boghossian on topic Joomla 3.4.1 with K2 2.6.9 got hacked
K2 does not have any security holes.
If someone got their credentials and posted new content this is not K2's fault.

The link you sent me is a link to a user's items, if I understand correctly the 'intruder's' profile.

Make sure that a) you do not have an easy password and b) you have properly set up your K2 User Groups so that registered users cannot publish items.

JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)


sunconcept (Junior Member, topic author)
9 years 3 months ago #145187 by sunconcept
Replied by sunconcept on topic Joomla 3.4.1 with K2 2.6.9 got hacked
Thanks for the reply.

The problem was that we had not disabled the Joomla user registration or protected it with a captcha.

So the bot could insert 100,000 users, which were automatically added to the K2 users. They did not have permissions for anything, but the database became so big that the hoster disabled the website. So the problem was not K2.

We played a little bit with the K2 v3 beta lately and it worked and looked very well! So we don't understand why there is no progress or news about v3. Are there any updates?

Greetings

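The failure mode sunconcept describes above, an unprotected Joomla registration form flooded by a bot until the user table bloats, is visible in the web server access log long before the hoster pulls the plug. The script below is an added example and not code from this thread, from Joomla or from JoomlaWorks. It parses Apache combined-format log lines, keeps the POSTs to Joomla 3's front-end registration task (`task=registration.register`, which both the plain and the SEF form action carry), and flags any single client, or the site as a whole, whose registration count inside a sliding time window crosses a threshold. The log lines, IP addresses, window and thresholds are constructed assumptions for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache "combined" line: client ident user [timestamp] "METHOD target PROTO" status ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
# Joomla 3 front-end registration task; matches the raw and the SEF form action.
REGISTER_RE = re.compile(r"task=registration\.register")

# Constructed sample traffic (an assumption, not a real log): one page view, then
# six registrations from one client within six seconds, then one legitimate sign-up
# an hour and a half later from a different client.
SAMPLE_LOG = "\n".join(
    ['203.0.113.7 - - [12/Jun/2015:08:14:01 +0200] '
     '"GET /index.php/about HTTP/1.1" 200 5123 "-" "Mozilla/5.0"']
    + ['198.51.100.23 - - [12/Jun/2015:08:15:%02d +0200] '
       '"POST /index.php?option=com_users&task=registration.register HTTP/1.1" '
       '303 0 "-" "Mozilla/4.0"' % s for s in range(2, 8)]
    + ['203.0.113.50 - - [12/Jun/2015:09:40:12 +0200] '
       '"POST /index.php/component/users/?task=registration.register HTTP/1.1" '
       '303 0 "http://www.example.org/index.php/component/users/?view=registration" '
       '"Mozilla/5.0"']
)


def registration_events(log_text):
    """Return sorted (timestamp, client_ip) pairs for every registration POST."""
    events = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than crash on a noisy log
        ip, ts, method, target, _status = m.groups()
        if method == "POST" and REGISTER_RE.search(target):
            events.append((datetime.strptime(ts, TS_FMT), ip))
    events.sort()
    return events


def max_in_window(times, window):
    """Largest number of sorted timestamps that fall inside any span of `window`."""
    best, j = 0, 0
    for i, t in enumerate(times):
        while times[j] < t - window:  # slide the left edge forward
            j += 1
        best = max(best, i - j + 1)
    return best


def find_bursts(log_text, window=timedelta(seconds=60),
                per_ip_threshold=5, site_threshold=20):
    """Flag clients and/or the whole site exceeding a registration rate.

    Returns a list of (kind, key, count): kind "ip" for a single client, "site"
    for all clients combined. The site-wide rule is what catches a bot spread
    across many source addresses, which the per-client rule would miss.
    """
    events = registration_events(log_text)
    by_ip = defaultdict(list)
    for t, ip in events:
        by_ip[ip].append(t)

    findings = []
    for ip, times in by_ip.items():
        n = max_in_window(times, window)
        if n >= per_ip_threshold:
            findings.append(("ip", ip, n))
    n = max_in_window([t for t, _ in events], window)
    if n >= site_threshold:
        findings.append(("site", "*", n))
    return findings


if __name__ == "__main__":
    for kind, key, count in find_bursts(SAMPLE_LOG):
        print("%s %s: %d registrations within 60s" % (kind, key, count))
```

On a live host, feed it the hoster's access log and tune the window and thresholds to the site's normal sign-up rate. The remedies the thread settles on (turning Joomla's "Allow User Registration" off where registration is not needed, otherwise putting a captcha in front of the form) stop the flood; a check like this tells you whether it is happening and when it started.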

Krikor Boghossian (Platinum Member)
9 years 3 months ago - 9 years 3 months ago #145197 by Krikor Boghossian
Replied by Krikor Boghossian on topic Joomla 3.4.1 with K2 2.6.9 got hacked
Yes of course :)
It will be released at JoomlaDay Brazil.
www.joomlaworks.net/blog/item/259-k2-v3-0-to-be-officially-unveiled-in-joomladay-brasil-2015

Finally, you were not really hacked. If new users were created and no one had access to the backend, then I think your site is safe.

Last edit: 9 years 3 months ago by Krikor Boghossian.



Powered by Kunena Forum