EduGeek Joomla 1.5 Package Thread, My joomla site 1.5 has been done over as well! in Projects:; My school site has been attcked (cannot put certain word beginninng with H as then it gets filtered b y ...
6th October 2008, 09:19 AM #1
My joomla site 1.5 has been done over as well!
My school site has been attcked (cannot put certain word beginninng with H as then it gets filtered b y our provider!)
the site by p@3t_b@y runs joomla 1.5.
Someohow somebody has managed to log on as an administrator, add an article and then change the admin passwoird so I can now no longer log on!
The site is externally hosted but all other bits'n'pieces seem fine on the server so I guess I had a vunerability with my joomla package that I had not upgraded to.
Does anyone know what this vunerabilty may be so I could use it to get back on and change the password back?
Or does anyone know how I could get round this by maybe installing Joomla again and then linking it back to the original joomla database?
IDG Tech News
6th October 2008, 09:24 AM #2
Hope you have a backup.
Reinstall, restore backup upgrade to latest version (stable).
I assuming your using CPanel, in wish case it could have been a breatch from there too.. Check with your provider.
6th October 2008, 09:50 AM #3
You just need to use phpMyAdmin (or whatever) to open the mysql table containing your user passwords. The first user will probably be the admin and will be the one they've messed with. Write a new password to the password field and you'll be able to log in again. The password will probably have to be written in an encrypted form.
ETA: You can use this webpage to make a new encrypted password
Last edited by keithu; 6th October 2008 at 10:23 AM.
Reason: more info
6th October 2008, 10:00 AM #4
just for intrest how many users are admin ie what do your teacher log in as. make sure all your user do not have backend access and only you have this. If you have any more problems pm me and i will talk you through it.
6th October 2008, 10:11 AM #5
This is quite worrying. There seems to be a number of J1.5 websites being hacked. You don't say what version of Joomla you were, the current build is 1.5.7.
Seeing as the J1.5 package was built on an earlier version of the Joomla build, if members haven’t updated their websites Joomla core to the most recent version then they will be vulnerable.
6th October 2008, 12:26 PM #6
I managed vto get our hosts to restore from a backup. Thanks dreamhosting.co.uk.
I did have a play with phpmyadmin as suggested by keithu and found that the hacker had changed the log on name and email address to his own!
I changed the email address back to mine and then went through the lost password procedure to change the password back to mine. That way I did not have to bother with password hashes.
i guess I need to upgrade joomla now from 1.5.3 to 1.5.7 to try to protect it from more bored turkish hackers.
6th October 2008, 01:42 PM #7
to update download this http://joomlacode.org/gf/download/fr...ch_Package.zip and then ftp it on top of what you got replacing old files. jobe done.
Thanks to alonebfg from:
reggiep (6th October 2008)
6th October 2008, 03:02 PM #8
Or so you would hope. But i did that this morning after seeing the "my site has been hacked" threads and panicing slightly. Did a backup of current site and ran the upgrade patch. Which failed spectacularly. Tried recovering to the backup, also didn't work (due to me being a complete idiot with the ftp client). So i've spent all day reinstalling joomla, themes and components.
Originally Posted by alonebfg
Oh well, needed to bugfix a few bits anyway so got that done at the same time.
7th October 2008, 10:16 AM #9
I think I was done by the reset password hack.
I upgraded yesterday to 1.5.7 just by ftp-ing over the top and everything seems to be working fine with no problems.
Thanks guys for all the help.
7th October 2008, 10:27 AM #10
The silver lining on stuff like that is that you learn more about the system and are better prep'd when some other issue hits. Still a pain in the **** though..
Originally Posted by saundersmatt
By ICTNUT in forum Web Development
Last Post: 6th September 2008, 04:28 PM
By Sheepy in forum EduGeek Joomla 1.5 Package
Last Post: 3rd July 2008, 02:33 PM
By russdev in forum Web Development
Last Post: 8th May 2008, 07:33 PM
By johnkay21 in forum Web Development
Last Post: 29th May 2007, 11:47 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)