Login Form Module Hack #5407
Comments
This tracker is for issues with the core code of Joomla. For support please use the forum http://forum.joomla.org and in this specific case the security forum.
If you are not interested in fixing this obvious hack, it is your problem.
David Thomson
On Fri, Dec 12, 2014 at 1:50 AM, Brian Teeman notifications@github.com
Please have a look into the code that handles the login and compare it with your code. Backend: There is nothing in the Core that redirects to an external website. If you use the default Joomla core login module.
Please try again with: https://github.com/joomla/joomla-cms/releases/download/3.3.6/Joomla_3.3.6-Stable-Full_Package.zip
Please check if you have a TLS/SSL certificate enabled for your domain. If yes, check with your host that it is not a bad configuration.
Please make sure you use this URL for the Backend
Please disable all 3rd-party extensions and try it from another computer with different browsers (to be sure that it is not your host that is infected).
I said, "One would expect to login to the backend." It was late at night. I should have written, "One would have expected to
This situation occurred from a brand new install. There were no third party
The Joomla 3.3.6 distribution comes from Installatron located in my host's
I disabled the Login Form module and installed a different login module
David Thomson
On Fri, Dec 12, 2014 at 12:40 PM, zero-24 notifications@github.com wrote:
@aetherwizard You are better off getting an official distribution of Joomla through http://www.joomla.org/download instead of Installatron. The version you get from Installatron seems to be infected.
So you used the same infected files on both sites, this way you will see the same behavior.
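The comparison suggested in the comments above (installed code against an official package), as an added example that is not part of the thread or of Joomla's own code: it hashes every file in a reference zip and in an installed tree and lists the files that differ, are missing, or are extra. The file names and contents in `demo()` are constructed sample data, not real Joomla paths.

```python
import hashlib
import io
import pathlib
import tempfile
import zipfile

def reference_hashes(zip_file):
    """SHA-256 of every file in the reference package, keyed by archive path."""
    with zipfile.ZipFile(zip_file) as zf:
        return {i.filename: hashlib.sha256(zf.read(i)).hexdigest()
                for i in zf.infolist() if not i.is_dir()}

def installed_hashes(root):
    """SHA-256 of every file under the installed tree, keyed by relative path."""
    root = pathlib.Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def compare(zip_file, root):
    """Report files that differ from, are absent from, or are not part of the package."""
    ref, live = reference_hashes(zip_file), installed_hashes(root)
    return {
        "modified": sorted(p for p in ref if p in live and ref[p] != live[p]),
        "missing": sorted(p for p in ref if p not in live),
        "extra": sorted(p for p in live if p not in ref),
    }

def demo():
    """Constructed sample: a two-file package and a tree with one altered, one added file."""
    package = io.BytesIO()
    with zipfile.ZipFile(package, "w") as zf:
        zf.writestr("index.php", b"<?php // entry\n")
        zf.writestr("sample/login.php", b"<?php // original login code\n")
    tree = {"index.php": b"<?php // entry\n",
            "sample/login.php": b"<?php // altered login code\n",
            "sample/added.php": b"<?php // not in the package\n"}
    with tempfile.TemporaryDirectory() as root:
        for rel, data in tree.items():
            path = pathlib.Path(root, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_bytes(data)
        return compare(package, root)

if __name__ == "__main__":
    print(demo())
```

On a real site, files generated at install time or uploaded later appear under `extra`; the `modified` list is the place to start.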
Steps to reproduce the issue
New install of Joomla 3.3.6, enable "Encrypt Login Form" in the "Login Form" module, then login with superuser credentials.
Expected result
One would expect to login to the backend.
Actual result
My login presents a French language web site selling jewelry with my domain and with a fake https url. When the encryption is turned off, the fake login disappears. This is clearly embedded in the code and not something coming from the browser or a hacked directory.
System information (as much as possible)
Apache Version 2.2.29
PHP Version 5.3.29
MySQL Version 5.5.40-cll
Architecture x86_64
Operating System linux
Joomla 3.3.6
Browser Chromium Version 39.0.2171.65 running on Ubuntu 14.04 (64-bit)
Additional comments