+ Post New Thread
Results 1 to 10 of 10
EduGeek Joomla 1.5 Package Thread, My joomla site 1.5 has been done over as well! in Projects:; My school site has been attcked (cannot put certain word beginninng with H as then it gets filtered b y ...
  1. #1
    reggiep's Avatar
    Join Date
    Apr 2008
    Location
    In the vast area of space and time
    Posts
    1,550
    Thank Post
    518
    Thanked 56 Times in 50 Posts
    Rep Power
    30

    My joomla site 1.5 has been done over as well!

    My school site has been attcked (cannot put certain word beginninng with H as then it gets filtered b y our provider!)

    the site by p@3t_b@y runs joomla 1.5.
    Someohow somebody has managed to log on as an administrator, add an article and then change the admin passwoird so I can now no longer log on!

    HELP!

    The site is externally hosted but all other bits'n'pieces seem fine on the server so I guess I had a vunerability with my joomla package that I had not upgraded to.

    Bugger.

    Does anyone know what this vunerabilty may be so I could use it to get back on and change the password back?

    Or does anyone know how I could get round this by maybe installing Joomla again and then linking it back to the original joomla database?

    Thanks

  2. #2

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,446
    Thank Post
    369
    Thanked 650 Times in 531 Posts
    Rep Power
    160
    Hope you have a backup.

    Reinstall, restore backup upgrade to latest version (stable).

    I assuming your using CPanel, in wish case it could have been a breatch from there too.. Check with your provider.

  3. #3

    Join Date
    Oct 2007
    Location
    Lincolnshire
    Posts
    133
    Thank Post
    0
    Thanked 22 Times in 22 Posts
    Rep Power
    18
    You just need to use phpMyAdmin (or whatever) to open the mysql table containing your user passwords. The first user will probably be the admin and will be the one they've messed with. Write a new password to the password field and you'll be able to log in again. The password will probably have to be written in an encrypted form.

    ETA: You can use this webpage to make a new encrypted password
    http://elmar-eigner.de/md5_encryption.html
    Last edited by keithu; 6th October 2008 at 10:23 AM. Reason: more info

  4. #4
    alonebfg's Avatar
    Join Date
    Aug 2006
    Location
    south west some of the time
    Posts
    834
    Thank Post
    12
    Thanked 34 Times in 21 Posts
    Blog Entries
    5
    Rep Power
    24
    just for intrest how many users are admin ie what do your teacher log in as. make sure all your user do not have backend access and only you have this. If you have any more problems pm me and i will talk you through it.

  5. #5

    SYSMAN_MK's Avatar
    Join Date
    Sep 2005
    Posts
    4,009
    Thank Post
    490
    Thanked 1,345 Times in 731 Posts
    Rep Power
    429
    This is quite worrying. There seems to be a number of J1.5 websites being hacked. You don't say what version of Joomla you were, the current build is 1.5.7.

    Seeing as the J1.5 package was built on an earlier version of the Joomla build, if members haven’t updated their websites Joomla core to the most recent version then they will be vulnerable.

  6. #6
    reggiep's Avatar
    Join Date
    Apr 2008
    Location
    In the vast area of space and time
    Posts
    1,550
    Thank Post
    518
    Thanked 56 Times in 50 Posts
    Rep Power
    30
    I managed vto get our hosts to restore from a backup. Thanks dreamhosting.co.uk.

    I did have a play with phpmyadmin as suggested by keithu and found that the hacker had changed the log on name and email address to his own!

    I changed the email address back to mine and then went through the lost password procedure to change the password back to mine. That way I did not have to bother with password hashes.

    i guess I need to upgrade joomla now from 1.5.3 to 1.5.7 to try to protect it from more bored turkish hackers.

    Thanks

  7. #7
    alonebfg's Avatar
    Join Date
    Aug 2006
    Location
    south west some of the time
    Posts
    834
    Thank Post
    12
    Thanked 34 Times in 21 Posts
    Blog Entries
    5
    Rep Power
    24
    to update download this http://joomlacode.org/gf/download/fr...ch_Package.zip and then ftp it on top of what you got replacing old files. jobe done.

  8. Thanks to alonebfg from:

    reggiep (6th October 2008)

  9. #8

    Join Date
    Jul 2005
    Location
    Rugby
    Posts
    432
    Thank Post
    17
    Thanked 66 Times in 61 Posts
    Rep Power
    35
    Quote Originally Posted by alonebfg View Post
    to update download this http://joomlacode.org/gf/download/fr...ch_Package.zip and then ftp it on top of what you got replacing old files. jobe done.
    Or so you would hope. But i did that this morning after seeing the "my site has been hacked" threads and panicing slightly. Did a backup of current site and ran the upgrade patch. Which failed spectacularly. Tried recovering to the backup, also didn't work (due to me being a complete idiot with the ftp client). So i've spent all day reinstalling joomla, themes and components.
    Oh well, needed to bugfix a few bits anyway so got that done at the same time.

    Matt

  10. #9
    reggiep's Avatar
    Join Date
    Apr 2008
    Location
    In the vast area of space and time
    Posts
    1,550
    Thank Post
    518
    Thanked 56 Times in 50 Posts
    Rep Power
    30
    I think I was done by the reset password hack.
    I upgraded yesterday to 1.5.7 just by ftp-ing over the top and everything seems to be working fine with no problems.

    Thanks guys for all the help.

  11. #10
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    118
    Quote Originally Posted by saundersmatt View Post
    Or so you would hope. But i did that this morning after seeing the "my site has been hacked" threads and panicing slightly. Did a backup of current site and ran the upgrade patch. Which failed spectacularly. Tried recovering to the backup, also didn't work (due to me being a complete idiot with the ftp client). So i've spent all day reinstalling joomla, themes and components.
    Oh well, needed to bugfix a few bits anyway so got that done at the same time.

    Matt
    The silver lining on stuff like that is that you learn more about the system and are better prep'd when some other issue hits. Still a pain in the **** though..

SHARE:
+ Post New Thread

Similar Threads

  1. Joomla Download Site Down !!!
    By ICTNUT in forum Web Development
    Replies: 0
    Last Post: 6th September 2008, 04:28 PM
  2. Joomla 1.5 help
    By Sheepy in forum EduGeek Joomla 1.5 Package
    Replies: 3
    Last Post: 3rd July 2008, 02:33 PM
  3. joomla 1.5
    By russdev in forum Web Development
    Replies: 1
    Last Post: 8th May 2008, 07:33 PM
  4. Is There anything else like joomla
    By johnkay21 in forum Web Development
    Replies: 15
    Last Post: 29th May 2007, 11:47 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •