Hacked By X

mojito · **Posted:** Sun Nov 02, 2008 6:29 pm

I was hacked by this guy

Hacked By X

I cant quite see what has made it take over my site, its a very basic page, if anyone knows how or where he has done this if he has done the same to you I'd like to know. I can't see any kind of redirect etc..im faced with reinstall of latest version as it is. I also dont like how joomla exposes the database password in the configuration text file, that is so bad, surely.

fw116 · **Posted:** Sun Nov 02, 2008 6:55 pm

on top of this forum is a :

HAVE YOU BEEN HACKED, READ THIS

post... it might be a good idea to check that post..

mojito · **Posted:** Mon Nov 03, 2008 11:07 pm

He must have access to ftp somehow

? as he changed the index.php page inside my template folder...I dont know if he could see my site passwords therefore or if he was able to just inject the file through the ftp...Is it better to turn the ftp option off I have no idea how it helps anyway ? I have changed the index page back and upgraded to 1.5.7 lets see what happens...

brad · **Posted:** Mon Nov 03, 2008 11:15 pm

Reset your passwords.. all your passwords.

mojito · **Posted:** Mon Nov 03, 2008 11:38 pm

yes i imagine he could see them, this is why i think its strange that they are kept in the public level.and not a directory up above the http (public or htdocs) folder

grim1208 · **Joined:** Thu Jul 31, 2008 2:10 am **Posts:** 2

2 days ago my site was hacked by [REMOVED] hacker I have his script he used w/ IFRAMES and a bit of php from another page, I am not sure I should share the source but anyone that would like to know should get together with me to figure out how to protect ourselves for future reference.

I am now currently running a trojan executer that reports on the hour everytime a different port has been used.

mojito · **Posted:** Tue Nov 04, 2008 8:44 am

what is it with the [REMOVED] don't they have better more worthwhile things to do ? They say hackers have small dicks ? I guess this hacking makes them feel good about something.

[MOD Note] country references removed, irrelevant and infamitory

suncoast · **Posted:** Fri Nov 07, 2008 5:34 am

Have you flatterned the urls? We have seen of late quite a few instances where hackers have tried to do SQL injections from external sites. For example they have had http://www.sitename..../index.php?itemi ... /xxxx.php.. In turn if the hosting providers security is not very strong or your file permissions are not to standard then the hackers in question can potentially get access to any file on a server.

AlphaMale · **Posted:** Fri Nov 07, 2008 6:00 am

suncoast wrote:

Have you flatterned the urls? We have seen of late quite a few instances where hackers have tried to do SQL injections from external sites. For example they have had http://www.sitename..../index.php?itemi ... /xxxx.php.. In turn if the hosting providers security is not very strong or your file permissions are not to standard then the hackers in question can potentially get access to any file on a server.

Hey Andrew,

Can you give me more information on what you mean by flattened URL's?

Thanks,

grim1208 · **Joined:** Thu Jul 31, 2008 2:10 am **Posts:** 2

yes, please ... i iwll look into it tonight too, if I find anything I'll post.

THanks for the response guys

adamos46 · **Posted:** Fri Nov 07, 2008 4:23 pm

If security was that easy. I assume that you meant to enable sef right? It doesnt protect you from anything if you dont take the right actions. Btw, these people are not hackers, they are dumb script kidd0z.

Joomla! Discussion Forums

Forum rules

Hacked By X

Quick reply

Who is online