May 04
I help maintain a website which uses Mambo, a content management system written in PHP. The website ran smoothly for 3 years until it got hacked a few times a few weeks ago. Here are some of the faults which allowed the site to be hacked:
- Some of the files were writable by ‘others’.
- The owner of the files was the same user that Apache was running as.
- The group permission of the files was writable, and the group was the same group that Apache was running as.
- Some of the third-party extensions for Mambo had vulnerabilities: their PHP files left out the following line:
/** ensure this file is being included by a parent file */
defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.');
The first 3 vulnerabilities only allowed defacing of the website, whereas the last one caused major problems because the hacker found their way into the database.
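A check for the four faults listed above, as an added example that is not part of the original post: it walks a web root and reports world-writable entries, entries owned by the Apache user, entries writable by the Apache group, and PHP files that lack the `_VALID_MOS` guard. The function name, the finding labels and the `www-data` account are assumptions.

```python
import os
import re
import stat

# Matches the guard shown in the post: defined( '_VALID_MOS' ) or die( ... )
GUARD = re.compile(r"""defined\s*\(\s*['"]_VALID_MOS['"]\s*\)""")
# Entry points define the constant themselves and need no guard.
ENTRY = re.compile(r"""define\s*\(\s*['"]_VALID_MOS['"]""")


def audit_webroot(root, apache_uid, apache_gid):
    """Return sorted (relative_path, finding) pairs for the four faults in the post."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits say nothing useful; skip it
            rel = os.path.relpath(path, root)
            if st.st_mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
            if st.st_uid == apache_uid:
                findings.append((rel, "owned-by-apache-user"))
            if st.st_gid == apache_gid and st.st_mode & stat.S_IWGRP:
                findings.append((rel, "group-writable-by-apache-group"))
            if stat.S_ISREG(st.st_mode) and name.endswith(".php"):
                with open(path, errors="replace") as fh:
                    head = fh.read(4096)  # the guard sits at the top of the file
                if not GUARD.search(head) and not ENTRY.search(head):
                    findings.append((rel, "missing-_VALID_MOS-guard"))
    return sorted(findings)


if __name__ == "__main__":
    import grp
    import pwd
    import sys
    # Assumed defaults: a Debian-style www-data account and the docroot as argv[1].
    docroot = sys.argv[1] if len(sys.argv) > 1 else "."
    uid = pwd.getpwnam("www-data").pw_uid
    gid = grp.getgrnam("www-data").gr_gid
    for rel, finding in audit_webroot(docroot, uid, gid):
        print(f"{finding:32} {rel}")
```

A file reported as missing the guard is only a candidate for review: the script treats any PHP file that neither checks nor defines `_VALID_MOS` in its first 4096 bytes as unguarded.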