ez 3.1.4 is hacked.

Previous topic

Developer

Next topic

Author	Message
Softriva .com	Friday 12 March 2010 2:57:42 am Hello, can some help me! --- what is this? Please see link bellow http://www.softriva.com/khdmatna
Steven E. Bailey	Friday 12 March 2010 4:23:26 am I hope you mean 4.1.4 - otherwise, I'd say I'd be very surprised if some software from 7 years ago didn't get hacked. It looks like someone might have overwritten a line view or block view of whatever object that is on the front page - or perhaps the pagelayout.tpl - and added their own link - that's my first guess. Otherwise, it could have been injected into the database - which should be visible if you try to edit the object. It's also - if it's 4.1.4 - unlikely that eZPublish was hacked, rather some other part of your setup was compromised. I saw some exploit about the windows version of apache last weekend if I recall correctly - here it is: http://www.senseofsecurity.com.au/advisories/SOS-10-002 Certified eZPublish developer http://ez.no/certification/verify/396111 Available for ezpublish troubleshooting, hosting and custom extension development: http://www.leidentech.com

Author

Message

Softriva .com

Friday 12 March 2010 2:57:42 am

Hello,

can some help me! --- what is this? Please see link bellow

http://www.softriva.com/khdmatna

Steven E. Bailey

Friday 12 March 2010 4:23:26 am

I hope you mean 4.1.4 - otherwise, I'd say I'd be very surprised if some software from 7 years ago didn't get hacked.

It looks like someone might have overwritten a line view or block view of whatever object that is on the front page - or perhaps the pagelayout.tpl - and added their own link - that's my first guess. Otherwise, it could have been injected into the database - which should be visible if you try to edit the object.

It's also - if it's 4.1.4 - unlikely that eZPublish was hacked, rather some other part of your setup was compromised. I saw some exploit about the windows version of apache last weekend if I recall correctly - here it is: http://www.senseofsecurity.com.au/advisories/SOS-10-002

Certified eZPublish developer
http://ez.no/certification/verify/396111

Available for ezpublish troubleshooting, hosting and custom extension development: http://www.leidentech.com

eZ debug

Timing:	Jan 18 2025 18:39:25
Script start
Timing:	Jan 18 2025 18:39:25
Module start 'layout'
Timing:	Jan 18 2025 18:39:25
Module start 'content'
Timing:	Jan 18 2025 18:39:26
Module end 'content'
Timing:	Jan 18 2025 18:39:26
Script end

Main resources:

Total runtime	1.0945 sec
Peak memory usage	4,096.0000 KB
Database Queries	54

Timing points:

Checkpoint	Start (sec)	Duration (sec)	Memory at start (KB)	Memory used (KB)
Script start	0.0000	0.0058	588.9453	152.6094
Module start 'layout'	0.0058	0.0038	741.5547	39.4141
Module start 'content'	0.0096	1.0835	780.9688	523.6797
Module end 'content'	1.0931	0.0013	1,304.6484	8.1875
Script end	1.0944		1,312.8359

Time accumulators:

Accumulator	Duration (sec)	Duration (%)	Count	Average (sec)
Ini load
Load cache	0.0037	0.3358	16	0.0002
Check MTime	0.0013	0.1203	16	0.0001
Mysql Total
Database connection	0.0010	0.0905	1	0.0010
Mysqli_queries	1.0487	95.8218	54	0.0194
Looping result	0.0006	0.0518	52	0.0000
Template Total	1.0573	96.6	2	0.5287
Template load	0.0023	0.2085	2	0.0011
Template processing	1.0550	96.3978	2	0.5275
Template load and register function	0.0002	0.0164	1	0.0002
states
state_id_array	0.0013	0.1198	1	0.0013
state_identifier_array	0.0014	0.1286	2	0.0007
Override
Cache load	0.0019	0.1744	11	0.0002
Sytem overhead
Fetch class attribute can translate value	0.0008	0.0732	2	0.0004
Fetch class attribute name	0.0018	0.1652	3	0.0006
XML
Image XML parsing	0.0007	0.0667	2	0.0004
class_abstraction
Instantiating content class attribute	0.0000	0.0010	3	0.0000
General
dbfile	0.0009	0.0829	17	0.0001
String conversion	0.0000	0.0010	4	0.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

Usage	Requested template	Template	Template loaded
1	node/view/full.tpl	full/forum_topic.tpl	extension/sevenx/design/simple/override/templates/full/forum_topic.tpl
2	content/datatype/view/ezxmltext.tpl	<No override>	extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tpl
2	content/datatype/view/ezxmltags/paragraph.tpl	<No override>	extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tpl
1	content/datatype/view/ezimage.tpl	<No override>	extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tpl
1	print_pagelayout.tpl	<No override>	extension/community/design/community/templates/print_pagelayout.tpl
Number of times templates used: 7 Number of unique templates used: 5

Time used to render debug report: 0.0001 secs