[TYPO3-english] Have I been hacked? Please help.

Andreas Becker ab.becker at web.de
Mon Mar 21 03:55:45 CET 2011


Hi Georg

Yes, it is the common way to use the install tool or localconf.php, but you have
forgotten the most important part - the database itself! - and this has
nothing to do with TYPO3 security but with the security of the tools used to
manage and modify the databases. Check out the Schaeuble and related
incidents 2 1/2 years ago! Here this information was exposed, and days
afterwards people hacked into websites which had already been secured
with common security measures, but the hackers already had the database name
and passwords, so it was very easy for them to get into the system and make
the changes they wanted to make via changes directly in the databases.

It is not a secret that all PHP applications (not only those!) store the
database name and the database password as clear readable text.

Andi


On Sun, Mar 20, 2011 at 1:20 PM, Georg Ringer <typo3 at ringerge.org> wrote:

> Hi,
>
> first of all:
>
> If you feel that you have a security related issue, please contact the
> Security Team at security at typo3.org as this is the *only* place to discuss
> such things!
>
> Some additional information: A common hack which is not related to TYPO3 is
> via FTP. So please check all your index.* and all your js files to see if they
> have been modified lately and include some additional lines at the end. The
> problem is that your computer (or that of whoever has the FTP access) has a
> virus which stole the FTP credentials.
>
> Furthermore you should change all your passwords concerning the website,
> including FTP, database, ....
>
> On 19.03.2011 10:06, Andreas Becker wrote:
>
>> How to get access to the backend you can contact me via PM. IMHO it is not
>> good to discuss this here on the list as actually everyone can already read
>> how to get inside TYPO3 if the developers and site administrators don't take
>> at least common security measures into account.
>>
>
> If this is not the common way via install tool / localconf.php, please
> share your information with the Security Team. Either contact the team with
> the given email address or myself!
>
> Georg
>
> _______________________________________________
> TYPO3-english mailing list
> TYPO3-english at lists.typo3.org
> http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-english
>
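
The file check described in the quoted message above (recently modified index.* and js files, looking at the lines at the end), as an added example that is not part of either message. The 30-day window, the number of tail lines and the sample docroot are assumptions.

```python
import fnmatch
import os
import tempfile
import time
from datetime import datetime, timezone

PATTERNS = ("index.*", "*.js")  # file names the message says to check


def recently_modified(docroot, days=30, tail_lines=5, now=None):
    """Return [(path, mtime, last_lines)] for matching files changed within `days`."""
    now = time.time() if now is None else now
    cutoff = now - days * 86400
    hits = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            if not any(fnmatch.fnmatch(name.lower(), p) for p in PATTERNS):
                continue
            path = os.path.join(dirpath, name)
            try:
                mtime = os.stat(path).st_mtime
                if mtime < cutoff:
                    continue
                with open(path, "r", encoding="utf-8", errors="replace") as fh:
                    tail = fh.read().splitlines()[-tail_lines:]
            except OSError:
                continue  # unreadable or vanished file: skip, keep scanning
            hits.append((path, mtime, tail))
    return sorted(hits, key=lambda h: h[1], reverse=True)  # newest first


def demo():
    """Constructed docroot: one old index.php, one freshly changed menu.js."""
    root = tempfile.mkdtemp()
    old = os.path.join(root, "index.php")
    new = os.path.join(root, "menu.js")
    with open(old, "w") as fh:
        fh.write("<?php // constructed sample\n")
    with open(new, "w") as fh:
        fh.write("function menu() {}\n// constructed: line appended at the end\n")
    long_ago = time.time() - 400 * 86400
    os.utime(old, (long_ago, long_ago))  # backdate so it falls outside the window
    return root, recently_modified(root, days=30, tail_lines=1)


if __name__ == "__main__":
    root, hits = demo()
    for path, mtime, tail in hits:
        stamp = datetime.fromtimestamp(mtime, timezone.utc).isoformat()
        print(stamp, os.path.relpath(path, root))
        for line in tail:
            print("    |", line)
```

Modification times can be reset by whoever changed the file, so a clean result here does not replace comparing the files against a known-good copy.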

