
Website hacked by multithumb

16 years 6 months ago - 16 years 6 months ago #8010 by johnstevens
Website hacked by multithumb was created by johnstevens
Our webserver was hacked recently and we have the feeling they came in via SIG Pro.

We had many attempts in our logfiles like the one below...


[mod note: message deleted for user's privacy. The issue is with Multithumb. Please follow the steps described below by Vinikey and if possible contact Multithumb's developer]

16 years 6 months ago - 16 years 6 months ago #8011 by JoomlaWorks Support Team
Replied by JoomlaWorks Support Team on topic Re: Website hacked by multithumb
The problem has to do with the file
mambots/content/multithumb/multithumb.php
and IT ISN'T a SIG Pro file!

Probably, in this file, the variable $mosConfig_absolute_path isn't sanitized,
and because your server has register_globals on (a big mistake, in my opinion), anyone can pass his custom $mosConfig_absolute_path through the URL bar.

Do this:
1st, check the file mambots/content/multithumb/multithumb.php and sanitize the variable $mosConfig_absolute_path
2nd, turn off register_globals in your php.ini

Thank you!

You can also read this post
forum.joomla.org/index.php?topic=222801.msg1038174
about the security issues of various versions of the multithumb!

JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)
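
An added example, not part of the original posts and not JoomlaWorks or Multithumb code: a small Python scan of a web-server access log for requests that try to set `mosConfig_absolute_path` through the URL, the kind of attempt the thread describes. The combined log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Config variable named in the thread; it should never arrive in a request.
PROTECTED = "mosconfig_absolute_path"

# Common/combined log format: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')


def sets_protected_var(target):
    """True if the request target's query string assigns the protected name."""
    query = urlsplit(target).query
    # parse_qsl percent-decodes names, so mosConfig%5Fabsolute%5Fpath is caught too.
    for name, _value in parse_qsl(query, keep_blank_values=True):
        base = name.split("[", 1)[0]  # PHP array form: name[]=...
        # Case-insensitive on purpose: over-report probes rather than miss them.
        if base.strip().lower() == PROTECTED:
            return True
    return False


def find_attempts(log_lines):
    """Return (ip, time, path, status) for each request that sets the variable."""
    hits = []
    for line in log_lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines in another format
        ip, when, _method, target, status = m.groups()
        if sets_protected_var(target):
            hits.append((ip, when, urlsplit(target).path, int(status)))
    return hits


# Constructed sample lines (documentation-range IPs, placeholder values).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2009:10:00:00 +0000] "GET /index.php?option=com_content&id=5 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2009:10:00:05 +0000] "GET /mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=CONSTRUCTED_VALUE HTTP/1.1" 200 312',
    '198.51.100.7 - - [01/Jan/2009:10:00:09 +0000] "GET /index.php?mosConfig%5Fabsolute%5Fpath=CONSTRUCTED_VALUE HTTP/1.1" 404 210',
    '203.0.113.4 - - [01/Jan/2009:10:01:00 +0000] "GET /index.php?q=mosConfig_absolute_path HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for ip, when, path, status in find_attempts(SAMPLE_LOG):
        print(f"{when} {ip} {path} -> HTTP {status}")
```

Access logs normally record only the request line, so values sent in POST bodies or cookies will not show up in this scan.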
