Path: csiph.com!usenet.pasdenom.info!gegeweb.org!de-l.enfer-du-nord.net!feeder1.enfer-du-nord.net!feeds.phibee-telecom.net!newsfeed.xs4all.nl!newsfeed6.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.038 X-Spam-Evidence: '*H*': 0.92; '*S*': 0.00; 'remind': 0.05; 'url:pipermail': 0.05; 'python': 0.09; 'received:80.91': 0.09; 'received:80.91.229': 0.09; 'received:gmane.org': 0.09; 'received:list': 0.09; 'thread,': 0.09; 'utilizing': 0.09; 'cms.': 0.16; 'exposes': 0.16; 'received:80.91.229.3': 0.16; 'received:plane.gmane.org': 0.16; 'wrote:': 0.17; 'hack': 0.18; 'cheers,': 0.23; 'header:User-Agent:1': 0.26; 'prevent': 0.27; 'header:X-Complaints-To:1': 0.28; 'embed': 0.29; 'exposed': 0.29; 'no,': 0.29; 'source': 0.29; 'maybe': 0.29; 'code': 0.31; 'url:python': 0.32; 'to:addr:python-list': 0.33; 'another': 0.33; 'mine': 0.35; 'received:org': 0.36; 'but': 0.36; 'url:org': 0.36; 'subject:Please': 0.36; 'should': 0.36; 'subject:: ': 0.38; 'page': 0.38; 'to:addr:python.org': 0.39; 'header:Received:5': 0.40; 'url:mail': 0.40; 'your': 0.60; 'visit': 0.64; 'subject:One': 0.65; 'webpage': 0.65; 'subject:. ': 0.66; 'ago.': 0.66; 'header:Reply-To:1': 0.68; '8bit%:100': 0.70; '8bit%:92': 0.70; 'connection,': 0.71; 'reply-to:no real name:2**0': 0.72; 'reply-to:addr:gmail.com': 0.79; 'happened.': 0.84; 'mins': 0.84; 'otten': 0.84; 'joomla': 0.93 X-Injected-Via-Gmane: http://gmane.org/ To: python-list@python.org From: Kev Dwyer Subject: Re: One of my joomla webpages has been hacked. Please help. Date: Sat, 22 Sep 2012 11:13:43 +0100 References: <079f4b21-93f4-450b-9112-21b2faa19ed3@googlegroups.com> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8Bit X-Gmane-NNTP-Posting-Host: cpc4-hari14-2-0-cust605.20-2.cable.virginmedia.com Mail-Copies-To: kevin.p.dwyer@gmail.com User-Agent: KNode/4.7.2 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list Reply-To: kevin.p.dwyer@gmail.com List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 43 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1348308839 news.xs4all.nl 6871 [2001:888:2000:d::a6]:37471 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:29734 Νίκος Γκρεεκ wrote: > Τη Σάββατο, 22 Σεπτεμβρίου 2012 10:26:05 π.μ. UTC+3, ο χρήστης Peter Otten > έγραψε: >> Νίκος Γκρεεκ wrote: >> >> >> >> > One webpage of mine, http://www.varsa.gr/ has been *hacked* 15 mins >> > ago. >> >> >> >> > Please visit my web page varsa.gr and view the source code and maybe >> > you >> >> > can tell me what has happened. >> >> >> >> Do you use a password that was exposed in the other thread, >> >> >> >> http://mail.python.org/pipermail/python-list/2012-September/630779.html >> >> >> >> ? > No, that was for another web page of mine utilizing python mysql > connection, this was joomla only website which remind me to also ask if i > can embed somwhow python code to joomla cms. This is only speculation, as I don't know exactly how your web page has been "hacked", but if your page somehow exposes a database connection, and the hack involves changing the contents of the database then you should read up on SQL injection attacks and how to prevent them. Cheers, Kev