Howto fix Joomla 1.5 hacking (token admin password reset exploit)

By secgeeks - Posted on May 24th, 2009

260

vote

Ever found your account suddenly have been hacked with direct FTP login with no trials and errors as if the hacker knew your password if you have Joomla installed then its time to upgrade your Joomla installation, your safe if your joomla installation is 1.5.6 or higher for exploit details check here or here .

the exploit is based on SQL injection that would just bypass the token entry page bringing you to the change admin password page and voila your done changing the administrator password.
Continue reading here....

Bookmark/Search this post with:

Similar entries

Recent blog posts

Newly Popular

Drupalit monthly

Drupalit weekly

Drupalit daily

Drupalit hottest

Drupalit latest

Recent comments

Problem solved!!!!
30 weeks 5 days ago
New version here
33 weeks 2 days ago
thanks for sharing.
1 year 2 weeks ago
links
1 year 2 weeks ago
Link to preplay
1 year 2 weeks ago
so now you are on linkedin
1 year 18 weeks ago
Outlook Email search tool
1 year 34 weeks ago
nice tool..
2 years 25 weeks ago
Preplay for windows
2 years 26 weeks ago
yeah,foxit is god
2 years 28 weeks ago

Get SecGeeks Feeds in your email:

Navigation

Who's online

There are currently 0 users and 6 guests online.

BlogRoll

Hack In The Box

http://maltainfosec.org
http://sipvicious.org/blog/
astalavista.com
Fake antivirus removal instructions

Partners

www.techmantras.com
Play Free Bingo at WikiBingo.co.uk
Find the latest Scratch Cards Games
Play bingo with no commitment-bingo winner.
Rent Sell Property
Post your Classified Ads for free
add your link here..