×
Kunena 5.1.5 Released - Security Release (14 Oct 2018)

The Kunena team has announce the arrival of Kunena 5.1.5 [K 5.1.5] which is now available for download as a native Joomla extension for J! 3.8.x. This version addresses most of the issues that were discovered in K 5.1 and issues discovered during the development stages of K 5.1. This is a Security release.

× This is for users to help other users, to discuss topics that are related to forum administration in general or problems in running Joomla. This is not the place to ask for Joomla support. If you want assistance with Joomla please ask at forum.joomla.org

Question webr00t

More
5 years 11 months ago #1 by mole999
webr00t was created by mole999
Anyone else been hit by webr00t

The site I use has been completely taken over by this entity in the last few hours, changed all the admin accounts and user posts to the same ID

Please Log in or Create an account to join the conversation.

More
5 years 11 months ago #2 by 810
Replied by 810 on topic webr00t
did you used old kunena version.
There is released a old 2 years security vul.

Please Log in or Create an account to join the conversation.

More
5 years 11 months ago #3 by mole999
Replied by mole999 on topic webr00t
its a friends site, which i had admin rights to, but not the main database, its only been built in the last couple of months and from my limited knowledge it has all the current releases. I haven't had chance to speak with the owner yet, so i don't know if its a hosting attack or just this site

wish I knew more to be more specific

Please Log in or Create an account to join the conversation.

  • sozzled
  • Visitor
5 years 11 months ago #4 by sozzled
Replied by sozzled on topic webr00t
I searched on Google and there are no results that tie webr00t to Kunena (apart from this topic that we are reading now).

What makes you suspect that the nature of the attack was related to Kunena? To be more specific about details, please post your configuration report.

Please Log in or Create an account to join the conversation.

More
5 years 11 months ago #5 by mole999
Replied by mole999 on topic webr00t

sozzled wrote: I searched on Google and there are no results that tie webr00t to Kunena (apart from this topic that we are reading now).

What makes you suspect that the nature of the attack was related to Kunena? To be more specific about details, please post your configuration report.


There is no accessible (to me config report as the whole site has been taken over by this entity, all the mods and admin accounts have been stamped as created by this entity, all user entries are created by this entity, unable to log in to the back end), I only managed to log in by creating another account. If any one is interested they can create a fake account on www.jcagain.com and have a look.

As to the point of entry into the site, I'm not debating that, my original question was about the entity, and if it was known. If nothing else is evident so far, then its a focussed DOS rather than a hosting site being taken down.

Please Log in or Create an account to join the conversation.

More
5 years 11 months ago #6 by mole999
Replied by mole999 on topic webr00t

810 wrote: did you used old kunena version.
There is released a old 2 years security vul.


Are you able to point me to that information please

Please Log in or Create an account to join the conversation.

  • sozzled
  • Visitor
5 years 11 months ago #7 by sozzled
Replied by sozzled on topic webr00t
The best advice in these extreme circumstances, where control of your website has been wrested from your hands, is to revert to a previous known, good backup of your site and restore operations to as normal as possible.

I do not know how else we can be of help.

Please Log in or Create an account to join the conversation.

More
5 years 11 months ago #8 by mole999
Replied by mole999 on topic webr00t

sozzled wrote: The best advice in these extreme circumstances, where control of your website has been wrested from your hands, is to revert to a previous known, good backup of your site and restore operations to as normal as possible.

I do not know how else we can be of help.


Thanks for that. I'm waiting on the owner to contact the developer, just thinking along the lines of what else was known to be issues so we can look out for them. If I had had full access I would have had back ups and restored it ASAP

Please Log in or Create an account to join the conversation.

More
5 years 11 months ago #9 by skybax
Replied by skybax on topic webr00t
and also can you provide the IP from were the post ware made (to add to block list)

Please Log in or Create an account to join the conversation.

More
5 years 11 months ago #10 by Mortti
Replied by Mortti on topic webr00t
@mole999 www.kunena.org/download , and is frustrating to talk people who are not even site SA!

Thanks for that. I'm waiting on the owner to contact the developer, just thinking along the lines of what else was known to be issues so we can look out for them. If I had had full access I would have had back ups and restored it ASAP

Regards from Finland,

Sami/Mortti

Please Log in or Create an account to join the conversation.

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to add attachements.
  • Not Allowed: to edit your message.
Time to create page: 0.135 seconds