Thursday, August 7, 2008

Hacking Joomla Sites

Personally I like Joomla! based sites because it is easy to manage and sort things out even doing the SEO just like on wordpress blogging and even creating your own site design. But these days more and more Joomla! sites are getting hacked by anonymous hackers on the web globally. Reasons are easily be pointed out to unaware webmasters/owners of the site the installation of extensions or shall we say add-ons to Joomla resulting in a more vulnerable of getting exploited, massive damage and defacement to their site including loss of prospects, personal information, and on financial aspect.


How these events had happened? When the site owners pointed fingers to their hosts blaming for unsecured web server, failed security, failure monitoring and so forth. But they don’t know that by adding some extensions without checking first if the extension that they are using have a bugs or vulnerable to exploitation then it would be a major reason that their site is prone to hacking. For my personal experience I manage to obtain admin password hashes of several Joomla based sites in a minutes of exploiting using Google dork. Using MD5 hash cracker the encrypted MD5 passwords are converted into readable ascii letters. Fortunately a lot of web based MD5 cracker is available on the net making the cracking process speed up.

It is really a big issue for security aspect on your site if you are not aware of these kind of vulnerables and bugs of those extensions that you applied on your Joomla site. It is best advised to manage and update the extensions used (if update of such extension is available) then you should update it to address the known security issues to your site to avoid getting hacked.




0 komentar:

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Sweet Tomatoes Printable Coupons