The risk is yours! We offer no guarantees, just tips! Hacking Joomla!

No, don't expect how-to's on black-hat hacking into a Joomla site - there we are providing how to modify the Joomla core and addons to get most out of it. This category is intended to be used by the white-hat hackers, Joomla siteowners who want to get out more from the system they have.

The pharma hack

The Paharma Hack (or Blackhat SEO Spam Hack) is a very elaborated hack wich is often unobserved for the regular visitors - and website owners - because does an ingenious trick: present a different version of your site for the searchengine bots. The site, for a long period of time looks and behaves normally for the regular visitors. This attack is very interesting because it is not visible to the normal user and the spam (generally about Viagra, Nexium, Cialis, etc) only shows up if the user agent is from Google’s crawler (googlebot). Also, the infection is a bit tricky to remove and if not done properly will keep reappearing. It's one of nastiest hacks you might have. We recommend hiring a specialist to remove it, because generally the infection reappears in no time after the site is "cleaned".

Botnet

The term botnet refers to a group of computers (sometimes called zombies) that have been infected with malware to perform tasks for whomever distributed said threat. This individual, or organization, controls the botnet by sending instructions to the zombies from one or more Command & Control (C&C) servers. This is one of most used techniques to carry out brute force attacks against servers - or group of servers.

 

CSRF Attack

A Cross Site Request Forgery (CSRF) attack relies on the trust a website has for a user to execute unauthorized requests and or transactions. For example, say a user is logged into their Joomla! websites' administrator interface in one tab and is browsing a compromised site in another tab.

Resource Injection

This attack consists of changing resource identifiers used by an application in order to perform a malicious task. When an application permits a user input to define a resource, like a file name or port number, this data can be manipulated to execute or access different resources.

Full Path Disclosure

Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the load_file() (within a SQL Injection ) query to view the page source, require the attacker to have the full path to the file they wish to view. Then the attacker can use this info to perform other type of attacks based on the obtained information.

Vandalism and Hacking

Vandals often use hacking techniques to deface a website or destroy data and files, but there are also those who just want to steal resources (make use of other peoples' servers without their knowledge or permission) or to cover their tracks by stealthily making use of hardware owned by legitimate businesses to carry out processing for illegal operations or to relay spam and viruses to others.

Subcategories

Don't do this! We are not recommending doing ANY hacks in Joomla! core! You will compromise both upgradeability of your site - and potentially your security. But sometimes you are facing a situation when you need to do this... and then you can look up for a potential solution here. Use these tips only on your own risk - there are no guarantees!


Hacking the main add-ons, the components running under Joomla! to add new features, functionalities, to enhance or even to fix them

Template is an essential part of a Joomla site. It's not only simple HTML/CSS/PHP/JS wich let's you show your content, it's a genuine shell with endless of possibilities for success - and failure. There are defined not only how your site will look like for your human visitors, but also for searchengines too. So it's your primary tool in your SEO efforts.

And also it's first line of your defence too. Lots of security holes can be opened with a badly written template! And also, don't forget, that might be the biggest resource hog - so the first place to optimize your site's performance.

More: has a tremendous amount of power built in. You should unleash that, and master it.


Προώθηση ιστοσελίδων

You might heard lot of weird expressions and acronyms when is coming about hacking. What XSS, LFI and all these things are meaning? You can find'em here!

The module you just installed does not works exactly as you need it? Dont be lazy or shy, do some crafting, bricolage, whatewer you like - and are qualifyed for! DIY - Joomla style.

Visit http://glucosaminechondroitinfordogs.org to find out more regarding glucosamine chondroitin for dogs moonchild abafana base jozi mp3 download