
Maybe he doesn't know how to.

On Thu, Dec 15, 2011 at 5:06 PM, Kennedy Kairaria <kenkairaria@gmail.com> wrote:
Dude! You still haven't changed the password? Be serious.

On Fri, Dec 2, 2011 at 3:52 PM, Gathungu Ibrahim <mgathungu@gmail.com> wrote:
Attached

On Fri, Dec 2, 2011 at 3:51 PM, Gathungu Ibrahim <mgathungu@gmail.com> wrote:
Sort these out and you will be good to go. Attached

On Fri, Dec 2, 2011 at 1:58 PM, Gathungu Ibrahim <mgathungu@gmail.com> wrote:
Hey,
This is more than a technology issue. The Mkombozi bank should have had some security governance standards to make sure they are secure and to protect their corporate image before they go public.
All the techy advice is true, change the default password, change the unutilised templates and go for a more secure set-up of the website. Use OWASP framework to test if the website is secure after you are done. I can give you an analysis of the site at a small fee.
Baraka.
--
Regards,
Ibrahim Gathungu ./1bz - Security consultant

On Fri, Dec 2, 2011 at 11:20 AM, m mugo <mugo2of3@gmail.com> wrote:
Have also logged in to the website's back end administrator control panel at the first attempt.
Looks like a hurriedly done site where the admin left the password as it was during development where a simple password is used for faster access.
Regards, M. Mugo

On Fri, Dec 2, 2011 at 10:49 AM, michael wambua <m80mig@gmail.com> wrote:
First remove the beez template and any other template that you are not using, go to your plugin section, check for any port related plugin and remove the plugins that are not working on the site and are not necessary. Again, change your password, make it like a 14 minimum, and remove the users that you cannot identify on your site. Kill the index.php and recreate the index to a xhtml after you make the links SEO friendly. Remove any unknown authors plus admins (important), and if possible and if you have time upgrade your Joomla, and don't use the customized admins coz they come with so many port openers. I can see like 4 ports open on your system... by doing this you might just get them closed.
regards
On Fri, Dec 2, 2011 at 10:33 AM, muskiv <kulebak@gmail.com> wrote:
> Our friend...you can't get rid of the hacker guys, never heard of
> anyone that ambitious.....it's like fighting with the wind!
>
> On Fri, Dec 2, 2011 at 12:58 AM, Muhile Abdulaziz <abdulaziz.muhile@gmail.com> wrote:
>
>> so how do I get rid of the hacker guys
>> before I start locking the doors and windows
>>
>> On Fri, Dec 2, 2011 at 12:56 AM, Bernard Wanyama <bwanyama@eis.co.ug> wrote:
>>
>>> Yes Paul,
>>>
>>> Sometimes, it doesn't have to be a hack like SQL injection or
>>> buffer overflow - just walk into an open door!
>>>
>>> Security starts with the simple things like common sense.
>>> Engineers and doctors go to jail for simple mistakes........ ask
>>> Dr. Conrad Murray.
>>>
>>> Kind regards,
>>> Bernard
>>>
>>> On Thu, Dec 1, 2011 at 9:53 PM, Paul Kevin <paultitude@gmail.com> wrote:
>>>
>>>> Ok....I just logged into the site as the admin....was it that
>>>> simple?
>>>>
>>>> On Thu, Dec 1, 2011 at 9:48 PM, Paul Kevin <paultitude@gmail.com> wrote:
>>>>
>>>>> Joomla 1.5, as per the one in use, has a lot of
>>>>> vulnerabilities.....updates really help
>>>>>
>>>>> http://developer.joomla.org/security/news/241-20080801-core-password-remind-...
>>>>> http://docs.joomla.org/Vulnerable_Extensions_List#JB_Captify_Content_J1.5_an...
>>>>>
>>>>> On Thu, Dec 1, 2011 at 9:45 PM, Bernard Wanyama <bwanyama@eis.co.ug> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> Either - weak / default admin password of the CMS (Drupal,
>>>>>> Joomla, etc) - trivial
>>>>>>
>>>>>> Or - SQL injection attack that also exploits the CMS - more
>>>>>> complex
>>>>>>
>>>>>> Kind regards,
>>>>>> Bernard
>>>>>>
>>>>>> On Thu, Dec 1, 2011 at 9:13 PM, Muhile Abdulaziz <abdulaziz.muhile@gmail.com> wrote:
>>>>>>
>>>>>>> Have a client that has a website that is hacked
>>>>>>>
>>>>>>> www.mkombozibank.com
>>>>>>> the hack message is 1923TURK-GRUP HACKED bySeRDaR
>>>>>>>
>>>>>>> please advise how this happened, is it the server or the site
>>>>>>> itself
>>>>>>>
>>>>>>> --
>>>>>>> regards
>>>>>>>
>>>>>>> AA.Muhile Abdul
>>>>>>> Title: Creative
>>>>>>>
>>>>>>> *Address*
>>>>>>> Plot 145, Kijitonyama Area,
>>>>>>> P.O.Box 71387
>>>>>>> Dar es Salaam
>>>>>>> Tanzania
>>>>>>> Cell: +255 783 018998
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Skunkworks mailing list
>>>>>>> Skunkworks@lists.my.co.ke
>>>>>>> ------------
>>>>>>> List info, subscribe/unsubscribe
>>>>>>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
>>>>>>> ------------
>>>>>>> Skunkworks Rules
>>>>>>> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
>>>>>>> ------------
>>>>>>> Other services @ http://my.co.ke
--
Michael Wambua
+254 712710697
info@michaelwambua.com
www.michaelwambua.com
-- Regards,
Ibrahim G.