how to hack joomla

How this script works
Using injection it gives the abuser full access to all of your files in a semi-shell environment. The user has the ability to execute any commands such as 'ls', 'vi', or even 'rm'. This means they can read all of your configuration files which contain all of your SQL passwords.

The call function replaces mosConfig_absolute_path in your Joomla! configuration.
Solution
The easiest solution is to turn on the SEO feature of Joomla! in your Global Configuration of the Administration Panel. Don't forget to rename htaccess.txt to .htaccess. This will cause a call like above to error 403 Forbidden.

Leave reply

Back to Top