One popular and potentially devastating method of attack against Joomla powered sites is SQL injection. Any web application that makes use of a database usually communicates with the database for necessary functions using a special language known as 'Structured Query Language', or SQL. Joomla, by the way, uses an open source implementation of this language, MySQL.
The risk is yours! We offer no guarantees, just tips! Hacking Joomla!
No, don't expect how-to's on black-hat hacking into a Joomla site - there we are providing how to modify the Joomla core and addons to get most out of it. This category is intended to be used by the white-hat hackers, Joomla siteowners who want to get out more from the system they have.
Cross Site Scripting is a hacking technique whereby malicious scripting code (usually javascript) is injected into user input forms (in a similar way to SQL injection attacks) or incorporated in a URL query string.
Remote File Inclusion (RFI) is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. His pair, Local File Inclusion or LFI is basically the same technique, used on sites which have been successfully penetrated, and the hacker "planted" his files already on the server.
A denial of service attack takes place when a hacker overloads a system with large or repeated requests for a service.
A website is stored within a file system on a server. Some of the server's file system is therefore exposed to the outside world and can be accessed by an end-user's web browser. The part of the file system (or directory structure) that is visible to the outside world is limited to a specific root folder and its contents.
HTTP stands for 'HyperText Transfer Protocol', and it is the mechanism used to transfer data from one computer to another across the Internet. You can use HTTP to request information from a server, or to send information to a client by wrapping the request or data in a 'packet'.
Subcategories
Hacking the core Article Count: 12
Don't do this! We are not recommending doing ANY hacks in Joomla! core! You will compromise both upgradeability of your site - and potentially your security. But sometimes you are facing a situation when you need to do this... and then you can look up for a potential solution here. Use these tips only on your own risk - there are no guarantees!
Component hacks Article Count: 18
Hacking the main add-ons, the components running under Joomla! to add new features, functionalities, to enhance or even to fix them
Template trickery Article Count: 26
Template is an essential part of a Joomla site. It's not only simple HTML/CSS/PHP/JS wich let's you show your content, it's a genuine shell with endless of possibilities for success - and failure. There are defined not only how your site will look like for your human visitors, but also for searchengines too. So it's your primary tool in your SEO efforts.
And also it's first line of your defence too. Lots of security holes can be opened with a badly written template! And also, don't forget, that might be the biggest resource hog - so the first place to optimize your site's performance.
More: has a tremendous amount of power built in. You should unleash that, and master it.
Dictionary Article Count: 17
You might heard lot of weird expressions and acronyms when is coming about hacking. What XSS, LFI and all these things are meaning? You can find'em here!
Module crafting Article Count: 2
The module you just installed does not works exactly as you need it? Dont be lazy or shy, do some crafting, bricolage, whatewer you like - and are qualifyed for! DIY - Joomla style.
