Mambo Hacked

Posted on May 4, 2007 by Vincent Kong

I help maintain a website which uses Mambo a content management system written in PHP. The website ran smoothly for 3 years until it got hacked a few times a few weeks ago. Here are some of the faults which allowed the site to be hacked:

  1. Some of the files had writeable permission for ‘others’.
  2. The owner of the file was the same owner as what Apache was running on.
  3. The group permission of the file was writable and was the same group as what Apache was running on.
  4. Some of the third party extensions for Mambo had vunerabilities which excluded the following line in their php files:

    /** ensure this file is being included by a parent file */
    defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.');

The first 3 vunerabilites only allowed defacing of the website, whereas the last one caused major problems because the hacker found it’s way into the database.

Related posts:

  1. Apache HTTP Authentication
  2. Permalinks in WordPress
  3. SSH Authentication with public-key
  4. Drupal Quickstart Guide
  5. Tomcat 5.5 for Ubuntu Quickstart Guide
This entry was posted in Content Management and tagged . Bookmark the permalink.

Comments are closed.