dork or donkey

Dork : An inept or foolish person

What does this have to do with Joomla? Well, a "dork" is also the name hackers give to a search-engine query crafted to find sites running a particular, vulnerable extension.

As soon as a vulnerability in an extension is revealed, either in the hacker forums or on responsible security sites such as milw0rm or The Open Source Vulnerability Database, the hackers of the world use Google to search the net for sites using that extension.

For example, allinurl:com_fireboard will return every site in Google's index whose URLs contain the Fireboard forum extension's component name, and from there the hacker can build a list of web sites to attack.

From that search the hacker has a very long list of sites to attack, BUT quite often the reported vulnerability will already have been fixed and the majority of the sites on the list will be safe.

But the hacker isn't stupid: why waste their time probing all the sites on the list when they only want to probe the sites running the vulnerable version? Sadly, Joomla exposes the version of any and every extension you have installed on your site, so with a couple of extra searches the hacker can narrow the list down to a target list of sites that are all vulnerable.
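The flip side of this for a site owner is that a dork-built target list produces a recognisable pattern in your own web server logs: one client touching several different Joomla components in quick succession, including ones you never installed. The following is an added example, not code from this post or from the Joomla project, that scans Apache "combined" log lines for requests naming a component (index.php?option=com_...) and flags clients that probe many distinct components or request ones that are not installed. The log lines are constructed for the example, the IP addresses are documentation ranges, and it assumes the site answers a request for an uninstalled component with a 404.

```python
import re
from collections import defaultdict

# Constructed sample log lines (Apache "combined" format); not from the original post.
# 203.0.113.7 walks a list of components, two of which are not installed here.
# 198.51.100.4 is an ordinary visitor following a link.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2009:10:01:02 +0000] "GET /index.php?option=com_fireboard&Itemid=12 HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2009:10:01:03 +0000] "GET /index.php?option=com_content&view=article&id=3 HTTP/1.1" 200 8122 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2009:10:01:04 +0000] "GET /index.php?option=com_gallery HTTP/1.1" 404 220 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2009:10:01:05 +0000] "GET /index.php?option=com_shop HTTP/1.1" 404 220 "-" "Mozilla/5.0"
198.51.100.4 - - [12/Mar/2009:10:05:00 +0000] "GET /index.php?option=com_content&view=article&id=7 HTTP/1.1" 200 8122 "http://example.org/" "Mozilla/5.0"
"""

# Apache "combined" log line: client IP, timestamp, request line, status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Joomla routes component requests through index.php?option=com_<name>.
COMPONENT_RE = re.compile(r'[?&]option=(?P<component>com_[A-Za-z0-9_]+)')


def parse_line(line):
    """Return (ip, request path, status) for a combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return m.group("ip"), m.group("path"), int(m.group("status"))


def component_requests(log_text):
    """Map client IP -> {component name: [status codes]} for every request that names a component."""
    seen = defaultdict(lambda: defaultdict(list))
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, path, status = parsed
        c = COMPONENT_RE.search(path)
        if c:
            seen[ip][c.group("component")].append(status)
    return seen


def probing_clients(log_text, min_components=3):
    """Clients that look like they are working through a dork-built list.

    A client is flagged when it touches at least min_components distinct
    components, or when any component it asked for was answered with 404
    (assumption: the site returns 404 for a component that is not installed,
    so the client is guessing from a list rather than following links).
    """
    flagged = {}
    for ip, comps in component_requests(log_text).items():
        not_installed = sorted(c for c, statuses in comps.items() if 404 in statuses)
        if len(comps) >= min_components or not_installed:
            flagged[ip] = {"distinct": len(comps), "not_installed": not_installed}
    return flagged


if __name__ == "__main__":
    for ip, info in probing_clients(SAMPLE_LOG).items():
        print(ip, "probed", info["distinct"], "components; not installed:", info["not_installed"])
```

Run against a real access log, the "not installed" list is the useful part: it tells you which extension names an attacker is currently hunting for, which is a good prompt to check whether anything you do have installed is at a version with a published advisory.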

Although I do not believe in "security through obscurity" I am not going to publish how these version numbers are exposed.

It was reported to the Joomla development team in March 2008, and again to the Joomla Security Strike Team in August 2008, together with a simple fix that would "protect" the vast majority of Joomla web sites.

Brian Teeman