Hacked - Please be merciful

jchris · **Posted:** Tue Nov 04, 2008 10:10 pm

A site that I setup for a friend has been hacked, it displays "hacked by ****" on the home page and we cannot get into the administration area as the super administrator. Another user is able to access the backend, but not as super administrator, so we can't take the site offline or anything.

This site was started awhile back and there has been little activity because he was not ready to proceed. The site is on Joomla 1.5.0. Please be merciful to me as a novice of the security end of things and tell me if there is any way to reset the administrator password or to do something to the database.

THANK YOU!!!

(p.s. - my other sites are on 1.5.7)

sone12 · **Posted:** Tue Nov 04, 2008 10:19 pm

I think the hacker have hacked your mysql and changed the password for the user with lowest id in the database. Normally that user is the super admin. This is a well known security problem in Joomla! 1.5.0 to 1.5.5. The security bug was fixed in 1.5.6.

Login to your database with PHP MyAdmin or something and change the password for your admin user. You have to use a MD5 password. Here is a link to a MD5 generator.
http://www.invision-graphics.com/md5hash_generator.html

jchris · **Posted:** Tue Nov 04, 2008 11:37 pm

Thanks for the response.

brad · **Posted:** Wed Nov 05, 2008 12:34 am

http://developer.joomla.org/bug-squad-b ... sword.html

Be sure to use that box up the top right.. it actually helps.. it "searches".

Joomla! Discussion Forums

Forum rules

Hacked - Please be merciful

Quick reply

Who is online