One of my joomla webpages has been hacked. Please help.

Discussion in 'Python' started by Νίκος Γκρεεκ, Sep 21, 2012.

  1. Hello,

    One webpage of mine, http://www.varsa.gr/ has been *hacked* 15 mins ago.

    I logged into CPanel but the joomla files seem ok.

    But when I view the page code with Chrome I get the source code, I don't know of which file, that contains javascript inside.

    Please visit my web page varsa.gr and view the source code and maybe you can tell me what has happened.

    I would be grateful for any help you provide me.

    I know this is not a python question but you guys have high knowledge of web sites programming and I thought you wouldn't mind helping me out.

    Thank you very much.
     
    Νίκος Γκρεεκ, Sep 21, 2012
    #1

  2. On Sat, Sep 22, 2012 at 4:45 AM, Νίκος Γκρεεκ <> wrote:
    > One webpage of mine, http://www.varsa.gr/ has been *hacked* 15 mins ago.
    >
    > I know this is not a python question but you guys have high knowledge of web sites programming and I thought you wouldn't mind helping me out.


    No, this is not a Python question. I would recommend looking for
    Joomla-specific help. And when you do, you'll find out that these
    sorts of web frameworks have vulnerabilities just like every other big
    program seems to, with Joomla looking like a happy member of the
    Windows family.

    ChrisA
     
    Chris Angelico, Sep 22, 2012
    #2

  3. On Fri, 21 Sep 2012 11:45:14 -0700, Νίκος Γκρεεκ wrote:

    > One webpage of mine, [url redacted] has been *hacked* 15 mins ago.

    [...]
    > I would be grateful for any help you provide me.


    Yeah yeah, sure. Is this an attempt to get people to visit your web site
    so it can do a drive-by install of malware?


    > I know this is not a python question


    But you asked anyway. Why don't you ask your car mechanic to fix your
    plumbing, or go to the doctor to ask advice on how to cook pizza?



    --
    Steven
     
    Steven D'Aprano, Sep 22, 2012
    #3
  4. On Sat, Sep 22, 2012 at 11:42 AM, Steven D'Aprano
    <> wrote:
    > But you asked anyway. Why don't you ask your car mechanic to fix your
    > plumbing, or go to the doctor to ask advice on how to cook pizza?


    Or your plumber to rescue the princess who's in another castle...

    ChrisA
     
    Chris Angelico, Sep 22, 2012
    #4
  5. On Saturday, 22 September 2012 4:42:35 AM UTC+3, user Steven D'Aprano wrote:
    > On Fri, 21 Sep 2012 11:45:14 -0700, Νίκος Γκρεεκ wrote:
    >
    > > One webpage of mine, [url redacted] has been *hacked* 15 mins ago.
    >
    > [...]
    >
    > > I would be grateful for any help you provide me.
    >
    > Yeah yeah, sure. Is this an attempt to get people to visit your web site
    > so it can do a drive-by install of malware?
    >
    > > I know this is not a python question
    >
    > But you asked anyway. Why don't you ask your car mechanic to fix your
    > plumbing, or go to the doctor to ask advice on how to cook pizza?


    It was not my intention to infect you with drive-by malware, it's just that my web site got defaced and I wanted info on how they did it.

    The web host company pulled a previous backup and now it's all good.

    My apologies for the annoyance I have caused you; all I wanted was some insight so as to make sure this won't happen again (it already happened 2 times by now).
     
    Νίκος Γκρεεκ, Sep 22, 2012
    #5
  6. Peter Otten, Sep 22, 2012
    #6
  7. On Saturday, 22 September 2012 10:26:05 AM UTC+3, user Peter Otten wrote:
    > Νίκος Γκρεεκ wrote:
    >
    > > One webpage of mine, http://www.varsa.gr/ has been *hacked* 15 mins ago..
    >
    > > Please visit my web page varsa.gr and view the source code and maybe you
    > > can tell me what has happened.
    >
    > Do you use a password that was exposed in the other thread,
    >
    > http://mail.python.org/pipermail/python-list/2012-September/630779.html
    >
    > ?

    No, that was for another web page of mine utilizing python mysql connection, this was joomla only website, which reminds me to also ask if I can somehow embed python code into joomla cms.
     
    Νίκος Γκρεεκ, Sep 22, 2012
    #7
  9. On Fri, Sep 21, 2012 at 2:45 PM, Νίκος Γκρεεκ <> wrote:
    > Hello,
    >
    > One webpage of mine, http://www.varsa.gr/ has been *hacked* 15 mins ago.
    >

    The others are right, this is a joomla question, unless you're
    allowing execution of code by members and they utilize python.

    My questions:
    Only one? From my experience of joomla, you can allow your posters to
    execute code within their postings by utilizing certain plugins.

    It seems odd that only one page was hacked, or that they let you know,
    and didn't try db access.

    But it seems your site had a hosting backup, but make sure to
    subscribe to the joomla update and security list, plus change the
    passwords.

    > I logged into CPanel but the joomla files seem ok.


    Did you have a backup of the file structure, and a zipped db backup,
    then check for new security flaws/change passwords/etc?

    > But when I view the page code with Chrome I get the source code, I don't know of which file, that contains javascript inside.
    >
    > Please visit my web page varsa.gr and view the source code and maybe you can tell me what has happened.
    >
    > I would be grateful for any help you provide me.
    >
    > I know this is not a python question but you guys have high knowledge of web sites programming and I thought you wouldn't mind helping me out.


    Yeah, programming, but joomla is html, php, css, and javascript, but I
    don't remember much python there.


    Best Regards,
    David Hutto
    CEO: http://www.hitwebdevelopment.com
     
    Dwight Hutto, Sep 22, 2012
    #9
  10. Νίκος Γκρεεκ wrote:

    > On Saturday, 22 September 2012 10:26:05 AM UTC+3, user Peter Otten wrote:
    >> Νίκος Γκρεεκ wrote:
    >>
    >> > One webpage of mine, http://www.varsa.gr/ has been *hacked* 15 mins
    >> > ago.
    >>
    >> > Please visit my web page varsa.gr and view the source code and maybe
    >> > you can tell me what has happened.
    >>
    >> Do you use a password that was exposed in the other thread,
    >>
    >> http://mail.python.org/pipermail/python-list/2012-September/630779.html
    >>
    >> ?
    >
    > No, that was for another web page of mine utilizing python mysql
    > connection, this was joomla only website, which reminds me to also ask if I
    > can somehow embed python code into joomla cms.



    This is only speculation, as I don't know exactly how your web page has been
    "hacked", but if your page somehow exposes a database connection, and the
    hack involves changing the contents of the database then you should read up
    on SQL injection attacks and how to prevent them.

    Cheers,

    Kev
     
    Kev Dwyer, Sep 22, 2012
    #10
  11. On Sat, 22 Sep 2012 11:13:43 +0100, Kev Dwyer wrote:

    > This is only speculation, as I don't know exactly how your web page has
    > been "hacked", but if your page somehow exposes a database connection,
    > and the hack involves changing the contents of the database then you
    > should read up on SQL injection attacks and how to prevent them.


    This is joomla, that is, PHP. There are a bazillion ways to hack PHP. By
    the OP's own account, his website has been hacked twice before and he's
    done nothing to fix the vulnerability, just restored from backup. He'll
    be hacked again, and again, and again.

    Why are we discussing this? It has nothing to do with Python and is
    completely off-topic for this list.


    --
    Steven
     
    Steven D'Aprano, Sep 22, 2012
    #11
  12. On Saturday, 22 September 2012 4:09:37 PM UTC+3, user Steven D'Aprano wrote:
    > On Sat, 22 Sep 2012 11:13:43 +0100, Kev Dwyer wrote:
    >
    > > This is only speculation, as I don't know exactly how your web page has
    > > been "hacked", but if your page somehow exposes a database connection,
    > > and the hack involves changing the contents of the database then you
    > > should read up on SQL injection attacks and how to prevent them.
    >
    > This is joomla, that is, PHP. There are a bazillion ways to hack PHP. By
    > the OP's own account, his website has been hacked twice before and he's
    > done nothing to fix the vulnerability, just restored from backup. He'll
    > be hacked again, and again, and again.
    >
    > Why are we discussing this? It has nothing to do with Python and is
    > completely off-topic for this list.
    >
    > --
    > Steven


    But how am I supposed to fix this vulnerability if I don't know which one it is?

    My guess is they used Joomla's template to insert arbitrary code but that's just a guess.
     
    Νίκος Γκρεεκ, Sep 22, 2012
    #12
  13. On Sun, Sep 23, 2012 at 12:44 AM, Νίκος Γκρεεκ <> wrote:
    > But how am I supposed to fix this vulnerability if I don't know which one it is?
    >
    > My guess is they used Joomla's template to insert arbitrary code but that's just a guess.


    The answer to that is a thing called "research", and you'll usually
    find a lot of it at the other end of a web search. Also, you may want
    to look into what it means to be a web site administrator. It doesn't
    simply involve throwing down some code that someone else wrote and
    expecting it to work.

    If you want a web site without having to manage it yourself, consider
    a blog instead - someone else hosts it and worries about security, and
    you just post your content to it. It's a far FAR easier option, as
    long as what you want can be shoehorned into someone else's layout
    design.

    Neither of these options involves any Python coding, so if you want
    further assistance with them, I recommend looking for a forum
    dedicated to the technology you use.

    ChrisA
     
    Chris Angelico, Sep 22, 2012
    #13
  14. On Saturday, 22 September 2012 5:57:41 PM UTC+3, user Chris Angelico wrote:
    > On Sun, Sep 23, 2012 at 12:44 AM, Νίκος Γκρεεκ <> wrote:
    >
    > > But how am I supposed to fix this vulnerability if I don't know which one it is?
    > >
    > > My guess is they used Joomla's template to insert arbitrary code but that's just a guess.
    >
    > The answer to that is a thing called "research", and you'll usually
    > find a lot of it at the other end of a web search. Also, you may want
    > to look into what it means to be a web site administrator. It doesn't
    > simply involve throwing down some code that someone else wrote and
    > expecting it to work.
    >
    > If you want a web site without having to manage it yourself, consider
    > a blog instead - someone else hosts it and worries about security, and
    > you just post your content to it. It's a far FAR easier option, as
    > long as what you want can be shoehorned into someone else's layout
    > design.
    >
    > Neither of these options involves any Python coding, so if you want
    > further assistance with them, I recommend looking for a forum
    > dedicated to the technology you use.
    >
    > ChrisA


    Okay, I'll ask this at the official joomla forum, one last thing though.

    Is there a way to somehow embed (or utilize) python code, for example my python counter code script you have seen last week, inside my Joomla/WordPress cms sites?

    For example:

    http://superhost.gr/ is my main website utilizing python counter script.

    http://superhost.gr/html/?show=log is my own way (I prefer it over awstats - don't ask why) of viewing my visitors.

    In my other sites which are CMS sites, like

    http://varsa.gr
    and
    http://thessalonik.wordpress.com/

    is there a possible way to embed (if that's the term) my python counter script there too?

    So I can keep track of visitors' info for each page I have there?
     
    Νίκος Γκρεεκ, Sep 22, 2012
    #14
  16. On Sun, Sep 23, 2012 at 4:13 AM, Νίκος Γκρεεκ <> wrote:
    > Is there a way to somehow embed(or utilize) python code, for example my python counter code script you have seen last week inside my Joomla/WordPress cms sites?


    You probably could. But I reiterate, you're going about things all
    backwards. Keep things way WAY simpler and just do some basic parsing
    of your web logs after the event. Life is so much easier that way.

    ChrisA
     
    Chris Angelico, Sep 22, 2012
    #16
  17. On Saturday, 22 September 2012 9:18:02 PM UTC+3, user Chris Angelico wrote:
    > On Sun, Sep 23, 2012 at 4:13 AM, Νίκος Γκρεεκ <> wrote:
    >
    > > Is there a way to somehow embed (or utilize) python code, for example my python counter code script you have seen last week, inside my Joomla/WordPress cms sites?
    >
    > You probably could. But I reiterate, you're going about things all
    > backwards. Keep things way WAY simpler and just do some basic parsing
    > of your web logs after the event. Life is so much easier that way.
    >
    > ChrisA


    Out of curiosity, how would I use my python counter source code along with Joomla?
     
    Νίκος Γκρεεκ, Sep 23, 2012
    #17
  19. On Sun, Sep 23, 2012 at 12:52 PM, Νίκος Γκρεεκ <> wrote:
    > On Saturday, 22 September 2012 9:18:02 PM UTC+3, user Chris Angelico wrote:
    >> On Sun, Sep 23, 2012 at 4:13 AM, Νίκος Γκρεεκ <> wrote:
    >>
    >> > Is there a way to somehow embed (or utilize) python code, for example my python counter code script you have seen last week, inside my Joomla/WordPress cms sites?
    >>
    >> You probably could. But I reiterate, you're going about things all
    >> backwards. Keep things way WAY simpler and just do some basic parsing
    >> of your web logs after the event. Life is so much easier that way.
    >>
    >
    > Out of curiosity, how would I use my python counter source code along with Joomla?


    Easy. Look for what common sense would recommend, then turn 180
    degrees. Let me know when you get there and we'll send the rest of the
    directions.

    -- paraphrasing what a stupid American tourist was told about
    directions in Australia

    ChrisA
     
    Chris Angelico, Sep 23, 2012
    #19
  20. On Sat, 22 Sep 2012 19:52:00 -0700, Νίκος Γκρεεκ wrote:

    > Out of curiosity, how would I use my python counter source code along
    > with Joomla?



    This is not a Joomla forum. We do not know how to run code in Joomla.
    Regardless of whether the code is Python, or Perl, or Lisp, or Lua, or
    any of thousands of different languages, your question is about Joomla.
    Please ask it on a Joomla forum.

    And when you are there, don't ask them to fix your Python bugs.


    --
    Steven
     
    Steven D'Aprano, Sep 23, 2012
    #20
