Hi All, Ran across this tutorial on using SVN in web development and found it to be helpful. http://f6design.com/journal/2009/12/23/subversion-for-web-development-part-1 / Cheers! Herb
Herbert M. Tucker Principal Covenant Technical Services, Inc. P: 732-497-0326 C: 848-218-9172 F: 732-497-0326 E: [email protected] W: www.covenanttek.com ____________________________________________________________________________ ____________________________________________________________________________ ______ This electronic message transmission contains information from Covenant Technical Services, Inc. which may be confidential or privileged. Recipients should not file copies of this e-mail with publicly accessible records. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this message is prohibited. If you have received this electronic transmission in error, please notify us by electronic mail immediately and delete this email from your system. Thank you. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: Tuesday, March 09, 2010 12:00 PM To: [email protected] Subject: joomla Digest, Vol 39, Issue 8 Send joomla mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit http://lists.nyphp.org/mailman/listinfo/joomla or, via email, send a message with subject or body 'help' to [email protected] You can reach the person managing the list at [email protected] When replying, please edit your Subject line so it is more specific than "Re: Contents of joomla digest..." Today's Topics: 1. Probe via search module? (Web Project) 2. Re: Probe via search module? (Chris TheEnd) 3. Re: Probe via search module? (Gary Mort) 4. Re: Probe via search module? (Mitch Pirtle) ---------------------------------------------------------------------- Message: 1 Date: Mon, 8 Mar 2010 20:22:21 -0800 (PST) From: Web Project <[email protected]> To: [email protected] Subject: [joomla] Probe via search module? Message-ID: <[email protected]> Content-Type: text/plain; charset="us-ascii" Hi, My log watch detected the following request on my Joomla site. -- index.php?module=search&q=./../../../../../../../../etc/passwd Is this sort of thing a known exploit? Anyone know if it has been fixed or not? Thanks, Larry -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20100308/11faadae/attac hment-0001.html> ------------------------------ Message: 2 Date: Mon, 8 Mar 2010 22:52:59 -0600 From: Chris TheEnd <[email protected]> To: "NYPHP SIG: Joomla" <[email protected]> Subject: Re: [joomla] Probe via search module? Message-ID: <[email protected]> Content-Type: text/plain; charset="us-ascii" http://packetstormsecurity.org/1002-exploits/javapont-lfi.txt the type of attack is very standard it is called local file inclusion, Local File Inclusion - joomla http://www.google.com/search?hl=en&client=firefox-a&hs=Fxr&rls=org.mozilla%3 Aen-US%3Aofficial&q=Local+File+Inclusion+-+joomla&aq=f&aqi=&aql=&oq= On Mar 8, 2010, at 11:22 PM, Web Project wrote: index.php?module=search&q=./../../../../../../../../etc/passwd -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20100308/f4a45aef/attac hment-0001.html> ------------------------------ Message: 3 Date: Tue, 9 Mar 2010 00:43:56 -0500 From: Gary Mort <[email protected]> To: "NYPHP SIG: Joomla" <[email protected]> Subject: Re: [joomla] Probe via search module? Message-ID: <[email protected]> Content-Type: text/plain; charset="iso-8859-1" On Mon, Mar 8, 2010 at 11:22 PM, Web Project <[email protected]> wrote: > Hi, > > My log watch detected the following request on my Joomla site. -- > > index.php?module=search&q=./../../../../../../../../etc/passwd > > Is this sort of thing a known exploit? > That is not even a joomla function. Joomla functions would be options=com_something&task=sometask&q=something It's more likely an exploit for some other set of PHP code and their just scanning every website for it. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20100309/0f7866dd/attac hment-0001.html> ------------------------------ Message: 4 Date: Tue, 9 Mar 2010 08:21:17 -0500 From: Mitch Pirtle <[email protected]> To: "NYPHP SIG: Joomla" <[email protected]> Subject: Re: [joomla] Probe via search module? Message-ID: <[email protected]> Content-Type: text/plain; charset=UTF-8 That is a VERY old issue from the PHP4 days... This script kiddie should point their script over at Karjackistan or some such place where everyone is still rocking Windows for Workgroups. Gah. -- Mitch On Tue, Mar 9, 2010 at 12:43 AM, Gary Mort <[email protected]> wrote: > > > On Mon, Mar 8, 2010 at 11:22 PM, Web Project <[email protected]> wrote: >> >> Hi, >> >> My log watch detected the following request on my Joomla site. -- >> >> ??? index.php?module=search&q=./../../../../../../../../etc/passwd >> >> Is this sort of thing a known exploit? > > That is not even a joomla function. > Joomla functions would be options=com_something&task=sometask&q=something > It's more likely an exploit for some other set of PHP code and their just > scanning every website for it. > _______________________________________________ > New York PHP SIG: Joomla! Mailing List > http://lists.nyphp.org/mailman/listinfo/joomla > > NYPHPCon 2006 Presentations Online > http://www.nyphpcon.com > > Show Your Participation in New York PHP > http://www.nyphp.org/show_participation.php > ------------------------------ _______________________________________________ joomla mailing list [email protected] http://lists.nyphp.org/mailman/listinfo/joomla End of joomla Digest, Vol 39, Issue 8 ************************************* _______________________________________________ New York PHP SIG: Joomla! Mailing List http://lists.nyphp.org/mailman/listinfo/joomla NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
