jDownloads.com



Author Topic: Unallowed upload  (Read 10800 times)


Offline heyfisch

  • Newbie
  • *
  • Posts: 5
Unallowed upload
« on: 10.09.2014 13:51:20 »
Hi,

I got repeated information mail from jDownloads of my site about an upload from guest (means unknown). I find these files in my jdownloads area. But in configuration I limited upload in frontend to user group "special".
Luckily I do not publish files automatically, because there was a virus in a zip file!

Is this a security bug, or did I miss any configuration to deny anonymous upload?

Regards
Heyfisch

PS: Using J!2.5.24, JDownloads 1.9.1.5 with the following PlugIns: Button 2.0.2, Content 2.0.10, Search 2.0.1
« Last Edit: 10.09.2014 14:10:45 by heyfisch »

Offline Arno

  • Administrator
  • ***
  • Posts: 12.239
    • jDownloads.com
Re: Unallowed upload
« Reply #1 on: 10.09.2014 15:10:17 »
Hi,
I hope we have fixed this problem now.
Please install the version below.
Best Regards / Gruß
Arno
Please make a Donation for jDownloads and/or write a review on the Joomla! Extensions directory!

Offline heyfisch

  • Newbie
  • *
  • Posts: 5
Re: Unallowed upload
« Reply #2 on: 10.09.2014 15:17:23 »
Hi Arno,

Wow! Not even 1,5 hours later you have found and fixed the problem? What a great and fast support!
I installed this version already and will check if there will be further uploads.
Can you explain, what was changed or the reason?

Thanks a lot,
Regards from Würzburg
Heyfisch

Offline dags

  • Newbie
  • *
  • Posts: 2
Re: Unallowed upload
« Reply #3 on: 11.09.2014 00:42:35 »
I too have had this occur 3 times overnight.   ???

The IP addresses came from (1 Australia -- 2 Canada).
IP-Adress: 198.27.81.136
IP-Adress: 111.67.22.10
IP-Adress: 67.212.91.41

The details I had from the emails are below (obviously with 1 of each of the above IP Addresses)..

==========
Sender: defacerid
E-Mail: haxorid@gmail.com
IP-Adress: 111.67.22.10

Filename: doczxcvbnm_0.zip
Title: document
Description: defacerid
========

Offline Arno

  • Administrator
  • ***
  • Posts: 12.239
    • jDownloads.com
Re: Unallowed upload
« Reply #4 on: 11.09.2014 08:35:08 »
Hi dags,
Quote
I too have had this occur 3 times overnight.
have you installed after this now the last version 1.9.1.6?
Best Regards / Gruß
Arno

Offline mkhde

  • jD Tester
  • *
  • Posts: 54
    • www.fs-freeware.net
Re: Unallowed upload
« Reply #5 on: 11.09.2014 14:28:18 »
Yeah, I have the same issue, it's an IP from Iran... I installed the jD version 1.916, did it fix this issue? Is it only an upload issue? Or is it better that I restore my complete website from a backup with the complete database?
The posted image was uploaded to my site with a zip file but this damaged

Edit: Thanks Arno, I didn't read the whole thread ... You have a donation for your fast response from fs-freeware.net ;D

« Last Edit: 11.09.2014 15:08:33 by mkhde »

Offline dags

  • Newbie
  • *
  • Posts: 2
Re: Unallowed upload
« Reply #6 on: 11.09.2014 17:07:01 »
Quote
Hi dags, have you installed after this now the last version 1.9.1.6?

Hi Arno,
Correct, I have installed the 1.9.1.6 update earlier today.
Fingers crossed it has fixed it..
I have taken down my website for the day double checking everything to ensure no other breaches.
I will now make it live again and see what happens.
Glad you could find the problem so quickly and issue an update.
I have been using your JDownloads for a long time..
Appreciate it.  :)

Offline Arno

  • Administrator
  • ***
  • Posts: 12.239
    • jDownloads.com
Re: Unallowed upload
« Reply #7 on: 11.09.2014 18:21:32 »
Quote
or is it better that i restore my complete website from a backup with the complete database
This should be the best way. And the most secure. Thanks for the donation.
Best Regards / Gruß
Arno

Offline jo80

  • Newbie
  • *
  • Posts: 19
Re: Unallowed upload
« Reply #8 on: 12.09.2014 08:02:14 »
Me too ..  :'(

x)  If you restore a backup, don't forget to manually delete all the files/folders before the restore, otherwise you may end up with the defacement images in the folders again, as the backup may only overwrite and not delete old files.

x)  If you have Akeeba Backup, there is a tool called Akeeba Site Diff (free on the Akeeba website). You can make a diff of an old clean and a new defaced backup, so you can see what was added, see the attached screenshot.

Thanks to Arno for the fixes. I guess some more people will come to ask for the fix, as those "Hackers" are having fun publishing the "hacked" sites ..  http://www.zone-h.org/archive/published=0/page=3

Have a nice fixing day!   ;D
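
Added example (not part of the original posts, and not Akeeba Site Diff itself): a minimal Python sketch of the comparison described in the post above, hashing a known-clean backup tree and the live site tree to list what was added or changed. The "added" list is exactly what an overwrite-only restore would leave behind. The directory layout and file names in `demo()` are constructed for illustration.

```python
import hashlib
import os
import tempfile


def tree_hashes(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    hashes = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            hashes[rel] = digest.hexdigest()
    return hashes


def compare_trees(clean_root, live_root):
    """Classify files in the live tree against a known-clean backup tree."""
    clean, live = tree_hashes(clean_root), tree_hashes(live_root)
    common = clean.keys() & live.keys()
    return {
        # Not in the backup: an overwrite-only restore leaves these in place.
        "added": sorted(set(live) - set(clean)),
        # Present in both with different content: the restore overwrites these.
        "modified": sorted(p for p in common if clean[p] != live[p]),
        # In the backup only: the restore brings these back.
        "missing": sorted(set(clean) - set(live)),
    }


def demo():
    """Build two small constructed trees and compare them."""
    def write(root, rel, data):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

    with tempfile.TemporaryDirectory() as clean, tempfile.TemporaryDirectory() as live:
        write(clean, "index.php", b"<?php // original")
        write(clean, "images/logo.png", b"logo")
        write(live, "index.php", b"<?php // changed")
        write(live, "images/logo.png", b"logo")
        write(live, "images/unknown_0.zip", b"PK")  # constructed stray upload
        return compare_trees(clean, live)
```

To use it on a real site, call `compare_trees()` with the path of an extracted clean backup and the path of the current web root, and review every entry under "added" and "modified" before restoring.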

Offline iikev

  • Newbie
  • *
  • Posts: 3
Re: Unallowed upload
« Reply #9 on: 15.09.2014 15:52:23 »
We are still running Joomla 1.5 in one place, is there any chance to get a Bugfix for JDownloads for Joomla 1.5?

Which file(s) or function(s) have to be fixed? If I could get a JDownloads 1.9.1.5 for Joomla 2.5 to compare it with the latest 1.9.1.6 for Joomla 2.5, I could perhaps check it myself?


Offline jo80

  • Newbie
  • *
  • Posts: 19
Re: Unallowed upload
« Reply #10 on: 15.09.2014 18:41:43 »
Joomla 1.5 relies on an old PHP version and is a security hole per se.  I think no developer would have fun investing time in dead horses.

Offline iikev

  • Newbie
  • *
  • Posts: 3
Re: Unallowed upload
« Reply #11 on: 15.09.2014 19:02:01 »
Quote
Joomla 1.5 relies on an old PHP version and is a security hole per se.  I think no developer would have fun investing time in dead horses.

You are right, of course.

That's why I would be just as happy if I could get just the plain patch-file of Jdownloads for Joomla 2.5 (or just the plain package before the fix to get a diff by myself) to get an easier access to a solution for Joomla 1.5. If I know what had been done to fix it in Jdownload 1.9 for Joomla 2.5 I may fix it by myself at Jdownload 1.9. for Joomla 1.5 (at least it would be easier than if I would

(Migration at that particular site is an issue by itself for "reasons" ;-) so I am up to myself to keep that Joomla install more or less secure (one of the advantages of free/libre open source software :-)). Joomla 1.5 by itself is (or was) quite secure, iirc it did not have many security bugs in it while it was still supported.)

Offline Arno

  • Administrator
  • ***
  • Posts: 12.239
    • jDownloads.com
Re: Unallowed upload
« Reply #12 on: 17.09.2014 16:01:52 »
Quote
We are still running Joomla 1.5 in one place, is there any chance to get a Bugfix for JDownloads for Joomla 1.5?
Please use this fix:
http://www.jdownloads.com/forum/index.php?topic=7304.msg28556#msg28556
Best Regards / Gruß
Arno

Offline iikev

  • Newbie
  • *
  • Posts: 3
Re: Unallowed upload
« Reply #13 on: 17.09.2014 16:34:12 »
Now that's great! :-)

Thank you very much, that's even more than I hoped for :-)

Offline shule88

  • Newbie
  • *
  • Posts: 1
Re: Unallowed upload
« Reply #14 on: 20.09.2014 13:30:26 »
I must say that there was a mass attack on the jdownload component all over the world, so need to know what entrance they got to upload unauthorised files to servers?

Here is a list of hacked servers http://www.zone-h.org/archive/notifier=Index%20Php all jdownload, and much more...

I saw that in time so I stopped it, others were not that lucky...

My server using win server 2008, 2.5.11 Stable, jDownloads 1.9.1.5 Stable, PHP Version 5.3.24, Database Version 5.6.14

P.S. Now I updated to 1.9.1.6 and will see...
« Last Edit: 20.09.2014 13:38:09 by shule88 »

Offline Arno

  • Administrator
  • ***
  • Posts: 12.239
    • jDownloads.com
Re: Unallowed upload
« Reply #15 on: 20.09.2014 13:45:51 »
Hi shule88,
please first read the information on the main page here:
http://www.jdownloads.com/index.php?option=com_content&view=article&id=231:urgent-security-update-for-19-series&catid=51:news
Then you should directly install the security update for your installed jD version (1.9.1.6).

Please note that the 1.9.x series is not the newest jD series and will be replaced with the newer jD series 2.5/3.2.
But at the moment not all jD plugins and modules exist for the new series as well. So when users need a special jD plugin or module which is not included in the new installation packages, they should wait a little bit longer with the update.
All other users should update quickly to the newer series. Update instructions can be found in the documentation.

« Last Edit: 20.09.2014 13:48:06 by Arno »
Best Regards / Gruß
Arno