Author Topic: Possible hack  (Read 769 times)
Little Jedi
Possible hack
« on: February 07, 2007, 10:26:41 AM »

Seems that someone is having fun in my forum.

Yesterday, someone tried to hack the forum, and had an alert message showing up. I wasn't there so I could see it.

Today, that person came back and I could get a glimpse of it.

What he did was create a topic with the title:

<script>window.location.href("jokeend.free.fr/scripts/index2.htm");</script>

And posted the same in the message.

I'm actually using "recent messages" 2.0.2 from here, and when loading the wrapped module, I would stop seeing the page after the 2nd one (message I mean). When I entered the forum directly (without wrap), it was working without any problem.

So after some quick thinking, and seeing that the main page had the same problem (using recent messages module there too), I knew that it had something to do with it.

After deleting that topic, everything went back to normal.

So I came here to report the problem. If someone has any idea how to solve it.

SMF : 1.1.1
Joomla 1.0.12
Theme : Mobius

Joomla : 1.0.11
CB : 1.0.2
JSMF : 2.0 Final
SMF : 1.1.1
-Wolverine
Moderator
Lead Developer
Re: Possible hack
« Reply #1 on: February 07, 2007, 11:03:10 AM »

I'm curious how SMF allows a title with <script> tags to even be submitted?
Little Jedi
Re: Possible hack
« Reply #2 on: February 07, 2007, 11:11:08 AM »

I did a local test, like:


<script>alert('Coucou de M3')</script>

Only seen by the mods and admins, and it did work.

The fix that I'm using now is to replace the word script by "s-c-r-i-p-t".

Want to test it on your website? And put a script text in the admin section so you could see it without getting everyone worried :D (put the script in the subject).

As for SMF, in the unwrapped mode, it doesn't do anything; they must have used something to avoid "launching" the scripts.

This week is gonna be a long one, seems that 7 hackers want to hack the website ;)
« Last Edit: February 07, 2007, 11:12:43 AM by Little Jedi »

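The behaviour discussed in this thread (a topic subject printed into a "recent messages" list without encoding) and the word-replacement workaround next to output encoding, as an added example that is not code from the module, the bridge or SMF. The row layout, the function names, the use of `str_ireplace` for the workaround and the `<b>Tom & Jerry</b>` row are assumptions made for the demonstration.

```php
<?php
// Added example, not code from the "recent messages" module or SMF.
// Constructed sample rows standing in for topics read from the forum database.
$topics = [
    ['id' => 1, 'subject' => 'Welcome to the forum'],
    ['id' => 2, 'subject' => "<script>alert('Coucou de M3')</script>"], // test subject from the thread
    ['id' => 3, 'subject' => '<b>Tom & Jerry</b>'],                     // constructed: markup without the word "script"
];

// Hypothetical renderer: builds the list, passing each subject through $filter.
function render_recent(array $topics, callable $filter): string
{
    $html = "<ul>\n";
    foreach ($topics as $t) {
        $html .= sprintf("  <li><a href=\"index.php?topic=%d\">%s</a></li>\n",
            (int) $t['id'], $filter($t['subject']));
    }
    return $html . "</ul>\n";
}

// 1. Subject printed as stored: the browser parses it as markup.
$raw = fn(string $s): string => $s;

// 2. The workaround from the thread (assumed here to be a case-insensitive
//    word replacement): the subject is still emitted as markup, only renamed.
$word_swap = fn(string $s): string => str_ireplace('script', 's-c-r-i-p-t', $s);

// 3. Output encoding: <, >, &, " and ' become entities, so the subject is shown as text.
$encode = fn(string $s): string => htmlspecialchars($s, ENT_QUOTES, 'UTF-8');

// Count tag openers inside the link text that a browser would still parse as markup.
function live_tags(string $html): int
{
    preg_match_all('~<a [^>]*>(.*?)</a>~s', $html, $m);
    return array_sum(array_map(fn($text) => preg_match_all('~<[a-z/!]~i', $text), $m[1]));
}

foreach (['raw' => $raw, 'word swap' => $word_swap, 'encoded' => $encode] as $name => $f) {
    printf("%-10s tags still parsed in subjects: %d\n", $name, live_tags(render_recent($topics, $f)));
}

// The encoded list: subjects appear exactly as typed, as text.
echo render_recent($topics, $encode);
```

Encoding at the point of output covers every place the subject is printed (module, wrapped page, main page) without changing what is stored in the forum database.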