Вы находитесь на странице: 1из 13

HackerTarget.

com Joomla Security Report

Joomla Security Report


HackerTarget.com

HackerTarget.com is the world leader in online open source intelligence and security assessments. All scanning tools are on-line for easy and convenient access.

All HackerTarget.com Vulnerability Scan options are Free (limit of 4 / day) Server / IP Nmap Port Scan OpenVas Scan SSL Check Web Sites WhatWeb Site Fingerprint SQL Injection Test Nikto Web Scan BlindElephant Scan Intelligence DomainProfiler Fierce Domain Scan Hosting Server Info CMS WordPress Scan Joomla Scan Drupal Scan

Professional Services Security Scanning Membership Manual Security Assessment additional scanning ($7 / month or $49 / year) professional assessment with full report (from $400 USD)

This report is autogenerated using various sources and scripts. No guarantee is made to the accuracy of the information found. See http://hackertarget.com for full Terms of Service.

Design and Layout is licensed under a Creative Commons Attribution 3.0 Unported License.

Joomla Security Scan by HackerTarget.com LLC

1 of 13

HackerTarget.com Joomla Security Report

Table of Content Joomla Security Report


HackerTarget.com

1
1

Table of Content Joomla Site Info


Domain Reputation Check Robots.txt found

2 3
3 4

Site Links and Scripts


External Site Links Javascript links and Scripts found Internal Site Links

5
5 5 5

Hosting Information for www.belroseproperties.com


Websites sharing your IP

6
6

Appendix A : Additional Resources


The Basics Advanced Security Testing Further Information

13
13 13 13

Joomla Security Scan by HackerTarget.com LLC

2 of 13

HackerTarget.com Joomla Security Report

This report is based on an automated security scan using passive data collection after crawling the nominated site. It was generated on Tue Nov 22 21:49:06 2011 More Information

Joomla Site Info


Site URI: Joomla Version: www.belroseproperties.com unknown Advanced version fingerprinting can be done with blindelephant. Always ensure your Joomla software is up to date. OOPS! : Web Server: X-Powered-By: MetaGenerator: Page Title: Are you sure this is Joomla it looks more like WordPress! Apache PHP/5.3.6 Joomla! 1.5 - Open Source Content Management Florida Foreclosure Help | Short Sale amp; Walk Away | Hollywood, FL

Domain Reputation Check


The site www.belroseproperties.com has been checked against web reputation services
Ref Service Google Safebrowsing finds this site as safe Site Check Result SAFE

Joomla Security Scan by HackerTarget.com LLC

3 of 13

HackerTarget.com Joomla Security Report

Robots.txt found
The robots.txt is used to tell search engines to ignore parts of your site. It can also be used by attackers to find stuff you may not want to be public and other interesting directories.
raw file User-agent: * Disallow: /administrator/ Disallow: /cache/ Disallow: /components/ Disallow: /images/ Disallow: /includes/ Disallow: /installation/ Disallow: /language/ Disallow: /libraries/ Disallow: /media/ Disallow: /modules/ Disallow: /plugins/ Disallow: /templates/ Disallow: /tmp/ Disallow: /xmlrpc/ Disallow: /is-hafa-a-trap/ Disallow: /component/ Disallow: /index.php?task= # BEGIN JCAWLER-XML-SITEMAP-COMPONENT Sitemap: http://www.belroseproperties.com//sitemap.xml # END JCAWLER-XML-SITEMAP-COMPONENT

Joomla Security Scan by HackerTarget.com LLC

4 of 13

HackerTarget.com Joomla Security Report

Site Links and Scripts


Links and scripts to external sites and unknown javascript may indicate the presence of malware or malicious scripting. Examine the results below, linking to sites of poor reputation or malware can result in blacklisting by google and other search engines.

External Site Links


Links to external sites, assessed for reputation
link http://www.rockettheme.com/ Google Safe Browse SAFE MyWOT Reputation 93

Javascript links and Scripts found


Google Analytics Account ID : UA-10631760-2 Internally Linked Javascript
link http://www.belroseproperties.com/foreclosure-blog/wp-content/plugins/jquery-drop-down-menu-plugin/noConflict.js?ver=3.0.2 http://www.belroseproperties.com/foreclosure-blog/wp-includes/js/jquery/jquery.js?ver=1.4.2 /media/system/js/caption.js /media/system/js/mootools.js /modules/mod_roktabs/tmpl/roktabs.js /templates/rt_affinity_j15/js/rokdate.js /templates/rt_affinity_j15/js/rokfonts.js /templates/rt_affinity_j15/js/rokmoomenu.js /templates/rt_affinity_j15/js/rokutils.js

Internal Site Links


The full site has not been crawled, these are the links from the main index page
links / /american-home-mortgage-loan-modification /bank-of-america-loan-modification /citimortgage-loan-modification /emc-loan-modification /florida-foreclosure-mediation-options /frequently-asked-foreclosure-questions /frequently-asked-foreclosure-questions/florida-foreclosure-laws /frequently-asked-foreclosure-questions/frequent-asked-foreclosure-questions /getting-started /getting-started/do-you-qualify /getting-started/short-sale-process /getting-started/whats-the-first-step /getting-started/your-homes-value /gmac-loan-modification /hafa-short-sales /joomla-scan-221111043663622-output.rawhtml /litton-loan-modification /short-sale-vs-foreclosure /stop-foreclosure /what-is-a-short-sale /what-is-a-short-sale/do-you-qualify /what-is-a-short-sale/short-sale-vs-foreclosure /what-is-a-short-sale/what-is-a-short-sale http://www.belroseproperties.com/ http://www.belroseproperties.com/?fontstyle=f-larger http://www.belroseproperties.com/?fontstyle=f-smaller http://www.belroseproperties.com/foreclosure-blog

Joomla Security Scan by HackerTarget.com LLC

5 of 13

HackerTarget.com Joomla Security Report

Hosting Information for www.belroseproperties.com


The following details about the server and hosting provider have been discovered.
Domain: IP: Organization: AS Name: ISP: City: Country: www.belroseproperties.com 216.119.130.194 A2 Hosting 123NET A2 HOSTING INC Ann Arbor United States

Websites sharing your IP


These sites have been found to be sharing the servers IP address
link 2006.freddyballhockey.com 2007.freddyballhockey.com abhisheksoni.com absseafood.com adv.polynon.com agoodsignabq.com ajourney4you.com aleksandra-fedorova.com allisonandres.com allystrip.com alphasignsolutions.com americanmadefitnessequipment.com andyrunton.com archylasalle.com asifali.com aspasol.org astorytocherish.net atouchofelegancephoto.com auditoryprocessingandtherapy.com averysecayouthinsports.com baltimore.foursquad.com birnes.com bistro5.com bizznewz.com briancody.org cards.bhcbe.net catholicliving.org cdk6.net cdk7.net Google Safe Browse SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE MyWOT Reputation ??? ??? ??? ??? ??? ??? ??? ??? ??? 70 ??? 70 73 ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ???

Joomla Security Scan by HackerTarget.com LLC

6 of 13

HackerTarget.com Joomla Security Report


chatter.customdesigns.com.au christumc.com cocker.e2make.de contemporarydanceacademy.com cornerstoneiv.com cuisinartdgb-550bk.com cullor.com cultivationconsultation.com cuyahogapatriots.com cuyahogavalleygop.com dannyfielder.com davidpiercemedia.com dentisticao.com dlchristy.com dontletyourbankwin.com e2make.com en.rapidxchanger.com energetictarot.com event234.com fineartseattle.com foodforlunch.org forest-path.net fortbendwrestling.com fsdmp.com fwo.org gaconstructions.com globalgroupevents.com grassrootsandboots.com gredunzapress.com greentownlosaltos.org hieftje.org hilofishing.com hosneyunderground.com htvcplatinum.com ikonicdesign.com inemana.com infinitesymmetryof8.com interacttivo.com interoperability-now.org irishclubofrome.com jcunity.org jdrdev.net johndrewitt.com juliklie.com kituo.us kucinich.com larryfrawley.com letstransact.com lineadomanifashions.com loveandrelationships.net loveeverystitch.com SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE ??? 70 ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? 36 ??? ??? ??? ??? ??? ??? ??? ??? 70 ??? ??? ??? ??? 89 80 70 ??? ??? ??? ??? ??? ??? 80 ??? ??? ??? ??? ??? ??? 54 ??? ??? ??? ??? ???

Joomla Security Scan by HackerTarget.com LLC

7 of 13

HackerTarget.com Joomla Security Report


lucamarin.com lunarchimes.com mail.cascadia.org makefastcash.e2make.de manishpaintings.com mapleridgeinc.com mathtourney.com mattferreira.com mattwrather.com mediaarchaeologyofplace.org megancullor.com memclip.com mezbits.com mhyder.com michael-gallagher.com michaelbenoit.org minex-ng.com ministryofbacon.com missuniversityafrica.org missuniversitynigeria.com mistercameron.com miwashersassoc.com mkmdesign.ca mobilemondayannarbor.org mobilemondaydetroit.org mobilemondaymichigan.org monicascakes.com moreonmedia.com mountainworkshop.com multi-familyhouses.com myimagebayhosting.com notesonsurvival.info nvcci.com oceanrefit.com onelovefornurses.org orcapodsoftware.com passporttobaja.com peterszuhay.com photosrwallpapers.com polyesteristhedevil.com polynon.com pressure-test.com profitsincash.com proxby.com publicgloucester.com qbee.astorytocherish.net quinlondon.com r0kit.net relaxwithsteve.com remnantflooring.com richardthebrave.com SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? 73 ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ???

Joomla Security Scan by HackerTarget.com LLC

8 of 13

HackerTarget.com Joomla Security Report


robertmarkel.com rossetticompanymanagement.com roxanneoberle.com rxautoglass.com saintandrewstacoma.org scrappingartistry.com shellispeaks.com signbitconsulting.com skswadvertising.com smallwonderslearning.net sorinspanu.com soulfuel.net speakmanvocalarts.com spot2day.com starways.net stickerish.com strongsvillegop.com sulaiman.www55.a2hosting.com surveyorselect.com talltailsjournal.com tarlingtontraining.com tciproteam.com teachingteacherscomputers.com techproposition.com test.uptospeedmag.com thebestpossiblelife.com thecollegecup.com thegreengroupies.com throughthearbour.ca tombstonearmory.com tomcho.com torrentband.net transitionfinsburypark.org.uk tsnmiami.com tulumvacations.com wagonerdesign.com wallpapers.spot2day.com wholestorymedia.com wizecounzel.com wm.rapidxchanger.com workplacerecovery.com wrather.org www.7minutefaceliftreviews.com www.alphasignsolutions.com www.andyrunton.com www.antiquesatportobello.co.uk www.appervasive.com www.athensrooftech.com www.auditoryprocessingandtherapy.com www.avpro.com.sa SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE ??? ??? ??? ??? 70 ??? ??? ??? ??? ??? ??? ??? ??? ??? 74 89 ??? 85 ??? ??? 76 ??? ??? ??? ??? ??? ??? ??? ??? ??? 73 ??? 74 ??? ??? ??? 93 ??? ??? ??? ??? ??? ??? ??? 73 ??? ??? ??? ??? ???

Joomla Security Scan by HackerTarget.com LLC

9 of 13

HackerTarget.com Joomla Security Report


www.belroseproperties.com www.bluecolorcontacts.com www.breathingroomstudio.com www.britishschoolsgolf.com www.brookdesign.com www.buycoloredcontacts.org www.cacefindiana.org www.capitalcityballhockey.ca www.carolynmariewright.com www.cascadia.org www.christinanaguib.com www.coconutstrum.com www.collegegolf.co.uk www.coloureyecontacts.com www.conservationpa.org www.conservepennsylvania.org www.crazycatdesigns.com www.customdesigns.com.au www.cuyahogavalleygop.com www.cyberdevgroup.com www.cyclingforwater.com www.daniela-km.e2make.com www.david-a-richards.com www.diamondsuitescebu.com www.dominodollhouse.com www.downrightdomestic.com www.eastbaywomenstherapyalliance.com www.easyabworkoutroutine.com www.educationgrantsforsinglemothers.net www.erichoberle.com www.etitechinc.com www.federalgrantsforsinglemothers.com www.flanboyanteats.com www.flooringinstalls.com www.floridapropertiesmg.com www.focalpointkitchens.com www.foodlah.com www.foreclosurehelpincoopercity.com www.foreclosurehelpinhollywood.com www.foreclosurehelpinmiramar.com www.freddyballhockey.com www.frederictonjewellers.com www.freegamesftw.net www.freemoneyforsinglemothers.com www.fusionassociates.com www.futuretheater.com www.fwo.org www.gerrypennington.com www.getmyfreelaptop.org www.globalpainremedies.com www.goodabworkoutsforgirls.com SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE ??? ??? ??? ??? ??? ??? 70 ??? ??? ??? ??? ??? 70 ??? ??? ??? ??? ??? ??? ??? ??? 36 ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? 74 ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? 70 ??? 70 ??? ??? ??? ???

Joomla Security Scan by HackerTarget.com LLC

10 of 13

HackerTarget.com Joomla Security Report


www.governmenthelpforsinglemothers.com www.governmentprogramsforsinglemothers.c www.groomingtails.ca www.hauntnight.com www.helpsinglemothers.net www.hollywoodhomeforsale.net www.houseforsaleinhialeah.com www.howtogetafreelaptop.net www.huskydigs.com www.irishclubofrome.com www.isga.co.uk www.isga.eu www.kellandcam.com www.kidscompany.org www.lakecityldc.com www.laptopsforfree.net www.larryfrawley.com www.lavenderduck.com www.leader4hire.com www.lippenbergerlaw.com www.luxebride.net www.mac-tek.ca www.maloneyforcouncil.com www.marcellusmoney.org www.marveltoys.net www.mcdpr.com www.miramarhomeforsale.com www.missuniversityafrica.org www.momandmeandyou.com www.mortgageforpeoplewithbadcredit.org www.mountainworkshop.com www.musicianconfuoco.com www.mybhilwara.com www.myfitness-shop.ca www.myvenner.com www.naturalgrowth.ca www.neckandfacialexercises.com www.nutcrackerfortcollins.com www.otbp-bookstore.com www.pbjfreedomfellowship.com www.peterszuhay.com www.pixd.com www.plantationhomeforsale.com www.pump-n-go.com www.quinwebsolutions.com www.rbperry.com www.repligen.com www.richellepeta.com www.riolindoabq.com www.rlsdemographics.com www.safeincommon.org SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE ??? ??? ??? 70 ??? ??? ??? ??? ??? ??? ??? ??? ??? 70 ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? 71 ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? 70 ??? ??? ??? ???

Joomla Security Scan by HackerTarget.com LLC

11 of 13

HackerTarget.com Joomla Security Report


www.sdskinnerconsulting.com www.shadowlawnpress.com www.sksw.com www.skswadvertising.net www.southeastgop.com www.spot2dayinc.com www.startle.com.au www.starways.net www.stationfiveonefive.com www.steinerhealth.org www.strongsvillegop.com www.suryasoni.info www.sweet-sensations.com www.talmadgecanyonpark.com www.thegoatscape.com www.treasurestorage.com www.tsnmiami.com www.twig.com www.uitoygrid.com www.unionenglish.net www.welink.co.nz www.whitersmilescam.com www.william.birnes.com www.winafreecomputer.net www.winafreelaptopcomputer.com www.yorkandyork.com.au wyset.org yaashcars.com youngisraelwrp.com ypmb.com zapagain.com SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE SAFE ??? ??? ??? ??? ??? ??? ??? 74 ??? 80 ??? 80 1 70 ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? ??? 70 ??? ???

Joomla Security Scan by HackerTarget.com LLC

12 of 13

HackerTarget.com Joomla Security Report

Appendix A : Additional Resources


Joomla is a stable and powerful content management system. A few simple steps can increase the security of the platform a great deal.

The Basics
* Back It Up - Be ready to lose it all at anytime. If you have an up to date backup restoring is much easier * Keep Joomla System up to date * Keep all Plugins and Modules up to date * Beware of untrusted Themes and Modules * Rename admin account to a non-generic name * Use strong passwords ( a dictionary word with a number after it is not a strong password! ) * Keep your password safe! Do not re-use it on other sites. * Ensure you have up to date AV on your Windows Machine. Malware collects passwords. * The underlying server must be well managed and in a secure state * VPS or Dedicated server? Set up server monitoring (http://www.ossec.net is a good start)

Advanced Security Testing


This report has been generated using automated scripts and tools, while it provides a good overview of the general security of the site and any obvious problems, it is far from a comprehensive security assessment. HackerTarget.com has a comprehensive security assessment offering that is in effect a simulated hacker attack against the target system. This assessment by its nature is much more aggressive than the automated review you are looking at now, and provides a full report with any security holes found along with recommendations for increasing the security of the system.

Alternatively there is a collection of security tools available for free and online for testing at HackerTarget.com.

Further Information
There are a thousand and one guides for drupal security tips. Some of the best information is from the source. Security Checklist for Joomla.org

Joomla Security Scan by HackerTarget.com LLC

13 of 13