:443 hack?

13 years 1 month ago #160365 by porlhews
:443 hack? was created by porlhews
Hi all,

I think I've been hacked by a somewhat playful attacker as they have changed the details of one of my users and had a look around the members area content but appear to have done little else.

I'm running Joomla 1.5.22 with Community Builder version 1.2.3.

Somebody visited my site using the following address:

www.mysite.co.uk:443/index.php?option=com_comprofiler&task=registers

They then proceeded to view a number of pages in my members area; looking at the addresses visited, I believe they registered themselves as an administrator on my site which then allowed them to edit content in the members area.

Please can you advise me if this sounds like an unknown vulnerability or if it appears to be a fault in my setup - I've had a look for information regarding including :443 in the address but not found any obvious leads?

Kind regards,

Paul Hughes


13 years 1 month ago #160372 by nant
Replied by nant on topic Re: :443 hack?
Well, your CB version is very old - please update ASAP to the latest CB 1.4 version.

I doubt that the hacking was done through CB, flagging this post for other members to respond later when available.


13 years 1 month ago #160377 by porlhews
Replied by porlhews on topic Re: :443 hack?
Hi Nick,

Thanks for the quick reply. I realise that my versions were old; so I've updated my CB and Joomla.

I wrote to the Joomla strike team who told me that this was a third party issue and did not point me to anyone; as the 443 hack was injected into the CB registration page (I think), I figured CB was my next port of call.

Please could you advise me as to how I identify where the vulnerability lies?


13 years 1 month ago #160393 by beat
Replied by beat on topic Re: :443 hack?
Hi Paul,

I have private-messaged you my email address to which you can send me the access logs for analysis.

Having certain accesses doesn't mean that the hack went through there.

E.g. some hackers attack your home or office PC to get your FTP password from your PC and then use it to access the server "normally".

But once I have the access log as well as the time span where the hack happened, and maybe the suspect IP addresses, things will be clearer.

Best Regards,

Beat - Community Builder Team Member


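One way to do the access-log review described in the reply above, as an added example that is not part of the thread or of Community Builder's code: it takes a time window, finds every client that requested the CB registration task, and returns all of that client's requests in the window so the later page views can be read in order. The Apache "combined" log format, the function names, the match on any `task` value containing "register", and the sample lines are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timezone
from urllib.parse import urlsplit, parse_qs

# Apache "combined" log format is assumed; adjust to the server's LogFormat.
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
# Constructed sample lines (documentation IP ranges), not taken from the thread.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2011:02:14:05 +0000] "GET /index.php?option=com_comprofiler&task=registers HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Mar/2011:02:14:40 +0000] "POST /index.php?option=com_comprofiler&task=registers HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [12/Mar/2011:02:15:00 +0000] "GET /index.php?option=com_content&view=article&id=3 HTTP/1.1" 200 4000 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Mar/2011:02:16:02 +0000] "GET /index.php?option=com_content&view=article&id=12 HTTP/1.1" 200 9001 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [13/Mar/2011:09:00:00 +0000] "GET /index.php HTTP/1.1" 200 100 "-" "Mozilla/5.0"',
]
START = datetime(2011, 3, 12, 0, 0, 0, tzinfo=timezone.utc)
END = datetime(2011, 3, 12, 23, 59, 59, tzinfo=timezone.utc)

def parse(line):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LINE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["query"] = parse_qs(urlsplit(rec["target"]).query)
    return rec

def sessions_touching_registration(lines, start, end):
    """Return {ip: [records]} for clients that hit the CB registration task
    inside [start, end], with every request that client made in the window."""
    window = [r for r in map(parse, lines) if r and start <= r["ts"] <= end]
    suspects = {
        r["ip"] for r in window
        if r["query"].get("option") == ["com_comprofiler"]
        and "register" in r["query"].get("task", [""])[0]
    }
    sessions = {ip: [] for ip in suspects}
    for r in window:
        if r["ip"] in sessions:
            sessions[r["ip"]].append(r)
    return sessions

if __name__ == "__main__":
    for ip, recs in sessions_touching_registration(SAMPLE_LOG, START, END).items():
        for r in recs:
            print(ip, r["ts"].isoformat(), r["method"], r["status"], r["target"])
```
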
