I Hacked The JED

Posted in Joomla!
2010-09-11 00:25:39 +0000 UTC

Over the Labor Day weekend I managed to upload and execute arbitrary PHP code on the Joomla! Extensions Directory. That site has been patched, but the patch is not yet publicly available. As soon as it is, I'll post the dirty details of the exploit I used to hack!

Also, please note that I was given permission to do so and nothing of any value was harmed! - Hacked by jdc

UPDATE: THE JED HAS BEEN PATCHED AND IS NO LONGER VULNERABLE! This was confirmed patched BEFORE this was posted, and WAS NOT EXPLOITED PREVIOUSLY! Nothing was harmed and nothing is at risk!