Keyword
Please note that official support for commercial extensions & templates is provided in the Subscriber Help Desk.
Support requests should ONLY be directed there and require an active subscription plan.
This forum board is to be used for archive purposes and knowledge exchange ONLY.

Website hacked by multithumb

  • johnstevens
  • johnstevens's Avatar Topic Author
  • Offline
  • New Member
More
17 years 2 months ago - 17 years 2 months ago #8010 by johnstevens
Website hacked by multithumb was created by johnstevens
Our webserver was hacked recently and we have the feeling they came in via SIG Pro.

We had many attempts in our logfiles like the one below...


[mod note: message deleted for user's privacy. The issue is with Multithumb. Please follow the steps described below by Vinikey and if possible contact Multithumb's developer]

Please Log in or Create an account to join the conversation.

  • JoomlaWorks Support Team
  • JoomlaWorks Support Team's Avatar
  • Offline
  • Platinum Member
More
17 years 2 months ago - 17 years 2 months ago #8011 by JoomlaWorks Support Team
Replied by JoomlaWorks Support Team on topic Re: Website hacked by multithumb
The problem have to do with the file
mambots/content/multithumb/multithumb.php
and IT ISN'T a SIG Pro file!

Probably, in this file, the variable $mosConfig_absolute_path it isn't sanitize
and cause your server have the register_globals on ( big mistake second me ) anyone can pass through the url bar his custom $mosConfig_absolute_path.

Do that
1st check the file mambots/content/multithumb/multithumb.php and sanitize the variable $mosConfig_absolute_path
2nd turn off the registers_global in your php.ini

Thank you!

You can also read this post
forum.joomla.org/index.php?topic=222801.msg1038174
about the security issues of various versions of the multithumb!

JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)

Please Log in or Create an account to join the conversation.


Powered by Kunena Forum