Our website has been pharma hacked. We recently upgraded from version 1.5.15 to 1.5.26, however I'm unsure when the hack happened.
I tried following posting instructions. Here are the results of the FPA:
Problem Description :: Forum Post Assistant (v1.2.1) : 16th July 2012 wrote:pharma hack
Last PHP Error(s) Reported :: Forum Post Assistant (v1.2.1) : 16th July 2012 wrote:[30-Jan-2012 14:11:50] PHP Fatal error: Call to undefined method ::() in /home/husonusa/public_html/libraries/joomla/session/session.php on line 135
Thanks,Forum Post Assistant (v1.2.1) : 16th July 2012 wrote:Basic Environment :: wrote:Joomla! Instance :: Joomla! 1.5.26-Stable (senu takaa ama busani) 27-March-2012
Joomla! Configured :: Yes | Read-Only (644) | Owner: husonusa (uid: 804/gid: 800) | Group: husonusa (gid: 800) | Valid For: 1.5
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 0 | SEF ReWrite: 0 | .htaccess/web.config: Yes | GZip: 0 | Cache: 0 | FTP Layer: 1 | SSL: 0 | Error Reporting: -1 | Site Debug: 0 | Language Debug: 0 | Database Credentials Present: Yes
Host Configuration :: OS: Linux | OS Version: 2.6.18-194.32.1.el5 | Technology: x86_64 | Web Server: Apache | Encoding: gzip,deflate,sdch | Doc Root: /home/husonusa/public_html | System TMP Writable: Yes
PHP Configuration :: Version: 5.2.17 | PHP API: apache2handler | Session Path Writable: Unknown | Display Errors: 1 | Error Reporting: 6135 | Log Errors To: error_log | Last Known Error: 28th May 2012 07:53:41. | Register Globals: 0 | Magic Quotes: 1 | Safe Mode: 0 | Open Base: /home/husonusa:/usr/lib/php:/usr/local/lib/php:/tmp | Uploads: 1 | Max. Upload Size: 32M | Max. POST Size: 32M | Max. Input Time: 240 | Max. Execution Time: 120 | Memory Limit: 512M
MySQL Configuration :: Connection Error: 1045:Access denied for user 'jiworklc_husonup'@'localhost' (using password: YES) : Database Credentials Present? in Configuration...Detailed Environment :: wrote:PHP Extensions :: date (5.2.17) | libxml () | openssl () | pcre () | zlib (1.1) | bcmath () | bz2 () | calendar () | ctype () | curl () | dbase () | dom (20031129) | hash (1.0) | filter (0.11.0) | ftp () | gd () | gettext () | session () | iconv () | standard (5.2.17) | json (1.2.1) | mbstring () | mcrypt () | mhash () | mime_magic (0.1) | mysql (1.0) | SimpleXML (0.1) | pgsql () | posix () | pspell () | Reflection (0.1) | imap () | SPL (0.2) | mysqli (0.1) | soap () | sockets () | exif (1.4 $Id: exif.c 293036 2010-01-03 09:23:27Z sebastian $) | tidy (2.0) | tokenizer (0.1) | wddx () | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.8.11) | apache2handler () | timezonedb () | PDO (1.0.4dev) | pdo_sqlite (1.0.1) | SQLite (2.0-dev) | pdo_mysql (1.0.2) | uploadprogress (1.0.1) | ffmpeg (0.6.0-svn) | SourceGuardian (8.2) | ionCube Loader () | Zend Optimizer () | Zend Engine (2.2.0) |
Potential Missing Extensions :: suhosin |
Switch User Environment (Experimental) :: PHP CGI: No | Server SU: No | PHP SU: No | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: No
Apache Modules :: core | mod_authn_file | mod_authn_default | mod_authz_host | mod_authz_groupfile | mod_authz_user | mod_authz_default | mod_auth_basic | mod_cache | mod_mem_cache | mod_include | mod_filter | mod_deflate | mod_log_config | mod_logio | mod_env | mod_mime_magic | mod_expires | mod_headers | mod_usertrack | mod_unique_id | mod_setenvif | mod_version | mod_proxy | mod_proxy_connect | mod_proxy_ftp | mod_proxy_http | mod_proxy_scgi | mod_proxy_ajp | mod_proxy_balancer | mod_ssl | prefork | http_core | mod_mime | mod_dav | mod_status | mod_autoindex | mod_asis | mod_info | mod_suexec | mod_cgi | mod_dav_fs | mod_negotiation | mod_dir | mod_actions | mod_speling | mod_userdir | mod_alias | mod_rewrite | mod_so | mod_auth_passthrough | mod_bwlimited | mod_fpcgid | mod_php5 | mod_security2 | Apache |
Potential Missing Modules :: mod_security | mod_evasive | mod_dosevasive | mod_qos | mod_userdir |
Folder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |
Elevated Permissions (First 10) :: None attachments/ (777) | attachments/article/ (777) | attachments/article/334/ (777) | attachments/article/334/.svn/ (777) | attachments/article/334/.svn/prop-base/ (777) | attachments/article/334/.svn/text-base/ (777) | attachments/article/334/.svn/tmp/ (777) | attachments/article/334/.svn/tmp/prop-base/ (777) | attachments/article/334/.svn/tmp/props/ (777) |Extensions Discovered :: wrote:Components :: SITE :: User (1.5.0) | User (1.5.0) | Wrapper (1.5.0) | Wrapper (1.5.0) | MailTo (1.5.0) | MailTo (1.5.0) |
Components :: ADMIN :: Mass Mail (1.5.0) | Mass Mail (1.5.0) | Weblinks (1.5.0) | Weblinks (1.5.0) | Content Page (1.5.0) | Module Manager (1.5.0) | Module Manager (1.5.0) | User Manager (1.5.0) | User Manager (1.5.0) | Contact Items (1.0.0) | Contact Items (1.0.0) | Contact (1.5.0) | Attachments (2.1.2) | Attachments (2.1.2) | Content - Attachments (2.1.2) | Content - Attachments (2.1.2) | Attachments - For Content (2.1.2) | Attachments - For Content (2.1.2) | Editor Button - Add Attachment (2.1.2) | Editor Button - Add Attachment (2.1.2) | System - Show attachments in e (2.1.2) | System - Show attachments in e (2.1.2) | Search - Attachments (2.1.2) | Search - Attachments (2.1.2) | Attachments - For Components P (2.1.2) | Attachments - For Components P (2.1.2) | Editor Button - Insert Attachm (2.1.2) | Editor Button - Insert Attachm (2.1.2) | Plugin Manager (1.5.0) | Plugin Manager (1.5.0) | Newsfeeds (1.5.0) | Newsfeeds (1.5.0) | Installation Manager (1.5.0) | Installation Manager (1.5.0) | Template Manager (1.5.0) | Template Manager (1.5.0) | Configuration Manager (1.5.0) | Configuration Manager (1.5.0) | Search (1.5.0) | Search (1.5.0) | Control Panel (1.5.0) | Control Panel (1.5.0) | Messaging (1.5.0) | Messaging (1.5.0) | Content Page (1.5.0) | Content Page (1.5.0) | Language Manager (1.5.0) | Language Manager (1.5.0) | Attachments (2.1.2) | Content - Attachments (2.1.2) | Attachments - For Content (2.1.2) | Editor Button - Add Attachment (2.1.2) | System - Show attachments in e (2.1.2) | Search - Attachments (2.1.2) | Attachments - For Components P (2.1.2) | Editor Button - Insert Attachm (2.1.2) | Polls (1.5.0) | Polls (1.5.0) | Menus Manager (1.5.0) | Menus Manager (1.5.0) | Banners (1.5.0) | Banners (1.5.0) | pi_admin_user_access (2.0.6) | pi_admin_user_access (2.0.6) | Cache Manager (1.5.0) | Cache Manager (1.5.0) | Service (1.5.0) | Service (1.5.0) | Trash (1.0.0) | Trash (1.0.0) | JCE (1.5.7.4) | JCE (1.5.7.4) | Frontpage (1.5.0) | Frontpage (1.5.0) | Media Manager (1.5.0) | Media Manager (1.5.0) | JoomlaPack (2.4) | JoomlaPack Backup Notification (1.0) | JoomlaPack Backup Notification (1.0) | JoomlaPack (2.4) |
Modules :: SITE :: Poll (1.5.0) | Poll (1.5.0) | Search (1.0.0) | Search (1.0.0) | Most Read Content (1.5.0) | Most Read Content (1.5.0) | Random Image (1.5.0) | Random Image (1.5.0) | BLOG (1.0.0) | BLOG (1.0.0) | Banner (1.5.0) | Banner (1.5.0) | Newsflash (1.5.0) | Newsflash (1.5.0) | Sign Up (1.0.0) | Sign Up (1.0.0) | Latest News (1.5.0) | Latest News (1.5.0) | Syndicate (1.5.0) | Syndicate (1.5.0) | Who\'s Online (1.0.0) | Who\'s Online (1.0.0) | Breadcrumbs (1.5.0) | Breadcrumbs (1.5.0) | Media Search (1.0.0) | Media Search (1.0.0) | Huson Menu (1.0.0) | Huson Menu (1.0.0) | Media Search List (1.0.0) | Media Search List (1.0.0) | Related Items (1.0.0) | Related Items (1.0.0) | Feed Display (1.5.0) | Feed Display (1.5.0) | Archived Content (1.5.0) | Archived Content (1.5.0) | Wrapper (1.0.0) | Wrapper (1.0.0) | Custom HTML (1.5.0) | Custom HTML (1.5.0) | Contact Us (1.0.0) | Contact Us (1.0.0) | LATEST NEWS (1.5.0) | LATEST NEWS (1.5.0) | Title (1.0.0) | Title (1.0.0) | Key Facts (1.0.0) | Key Facts (1.0.0) | Sections (1.5.0) | Sections (1.5.0) | Login (1.5.0) | Login (1.5.0) | Footer (1.5.0) | Footer (1.5.0) | Services (1.0.0) | Services (1.0.0) | Single Item (1.0.0) | Single Item (1.0.0) | Statistics (1.5.0) | Statistics (1.5.0) | Menu (1.5.0) | Menu (1.5.0) | Child menu (1.5.23) | Child menu (1.5.23) | Admin user access (frontend) (2.0.6) | Admin user access (frontend) (2.0.6) | Media Search (1.0.0) | Media Search (1.0.0) |
Modules :: ADMIN :: Admin Submenu (1.0.0) | Admin Submenu (1.0.0) | Logged in Users (1.0.0) | Logged in Users (1.0.0) | Online Users (1.0.0) | Online Users (1.0.0) | Toolbar (1.0.0) | Toolbar (1.0.0) | Popular Items (1.0.0) | Popular Items (1.0.0) | Unread Items (1.0.0) | Unread Items (1.0.0) | Feed Display (1.5.0) | Feed Display (1.5.0) | Custom HTML (1.5.0) | Custom HTML (1.5.0) | User Status (1.5.0) | User Status (1.5.0) | Admin Menu (1.0.0) | Admin Menu (1.0.0) | JoomlaPack Backup Notification (1.0) | JoomlaPack Backup Notification (1.0) | Title (1.0.0) | Title (1.0.0) | Login Form (1.0.0) | Login Form (1.0.0) | Latest News (1.0.0) | Latest News (1.0.0) | Footer (1.0.0) | Footer (1.0.0) | Items Stats (1.0.0) | Items Stats (1.0.0) | Admin user access (backend) (2.0.9) | Admin user access (backend) (2.0.9) | Quick Icons (1.0.0) | Quick Icons (1.0.0) |
Plugins :: SITE :: Search - Categories (1.5) | Search - Weblinks (1.5) | Search - Contacts (1.5) | Search - Sections (1.5) | Search - Content (1.5) | Search - Attachments (2.1.2) | Search - Attachments (2.1.2) | Search - Content (1.5) | Search - Sections (1.5) | Search - Categories (1.5) | Search - Weblinks (1.5) | Search - Newsfeeds (1.5) | Search - Contacts (1.5) | Search - Newsfeeds (1.5) | Attachments - For Content (2.1.2) | Attachments - For Content (2.1.2) | Attachments - For Components P (2.1.2) | Attachments - For Components P (2.1.2) | Content - Pagebreak (1.5) | Content - Email Cloaking (1.5) | Content - Code Highlighter (Ge (1.5) | Content - Page Navigation (1.5) | Content - Load Modules (1.5) | Content - Vote (1.5) | Content - Attachments (2.1.2) | AllVideos (by JoomlaWorks) (3.1) | Content - Attachments (2.1.2) | AllVideos (by JoomlaWorks) (3.1) | Content - Email Cloaking (1.5) | Content - Page Navigation (1.5) | Content - Code Highlighter (Ge (1.5) | Content - Pagebreak (1.5) | Content - Example (1.0) | Content - Vote (1.5) | Content - Load Modules (1.5) | Content - Example (1.0) | Authentication - Joomla (1.5) | Authentication - OpenID (1.5) | Authentication - GMail (1.5) | Authentication - LDAP (1.5) | Authentication - LDAP (1.5) | Authentication - OpenID (1.5) | Authentication - GMail (1.5) | Authentication - Joomla (1.5) | Authentication - Example (1.5) | Authentication - Example (1.5) | Button - Readmore (1.5) | Button - Pagebreak (1.5) | Button - Image (1.0.0) | Editor Button - Add Attachment (2.1.2) | Editor Button - Insert Attachm (2.1.2) | Button - Image (1.0.0) | Button - Readmore (1.5) | Editor Button - Insert Attachm (2.1.2) | Button - Pagebreak (1.5) | Editor Button - Add Attachment (2.1.2) | User - Joomla! (1.5) | User - Joomla! (1.5) | User - Example (1.0) | User - Example (1.0) | Editor - TinyMCE 3 (3.2.6) | Editor - JCE 1.5.7.4 (1.5.7.4) | Editor - XStandard Lite for Jo (1.0) | Editor - None (1.0) | Editor - XStandard Lite for Jo (1.0) | Editor - JCE 1.5.7.4 (1.5.7.4) | Editor - TinyMCE 3 (3.2.6) | Zoo2 Links for Advanced Link (1.0.0) | Joomla! Links for Advanced Lin (1.2.1) | Zoo2 Links for Advanced Link (1.0.0) | Joomla! Links for Advanced Lin (1.2.1) | Advanced Link (1.5.7.4) | Advanced Link (1.5.7.4) | Advanced Code Editor (1.5.7.4) | Advanced Code Editor (1.5.7.4) | Paste (1.5.7.4) | Paste (1.5.7.4) | Paste (1.5.7.4) | Paste (1.5.7.4) | File Browser (1.5.7.4) | File Browser (1.5.7.4) | JCE SPELLCHECKER TITLE (1.5.7.4) | JCE SPELLCHECKER TITLE (1.5.7.4) | Image Manager (1.5.7.4) | Image Manager (1.5.7.4) | Media Object support (1.5.7.4) | Media Object support (1.5.7.4) | XML-RPC - Joomla API (1.0) | XML-RPC - Blogger API (1.0) | XML-RPC - Blogger API (1.0) | XML-RPC - Joomla API (1.0) | System - Legacy (1.5) | System - Debug (1.5) | System - Remember Me (1.5) | System - Cache (1.5) | System - Show attachments in e (2.1.2) | System - Mootools Upgrade (1.5) | System - SEF (1.5) | System - Backlinks (1.5) | System - Show attachments in e (2.1.2) | System - Legacy (1.5) | System - SEF (1.5) | System - Mootools Upgrade (1.5) | System - Cache (1.5) | System - Debug (1.5) | System - Log (1.5) | System - Remember Me (1.5) | System - Log (1.5) | System - Backlinks (1.5) | Search - Categories (1.5) | Search - Weblinks (1.5) | Search - Contacts (1.5) | Search - Sections (1.5) | Search - Content (1.5) | Search - Attachments (2.1.2) | Search - Content (1.5) | Search - Sections (1.5) | Search - Categories (1.5) | Search - Weblinks (1.5) | Search - Newsfeeds (1.5) | Search - Contacts (1.5) | Search - Newsfeeds (1.5) | Attachments - For Content (2.1.2) | Attachments - For Components P (2.1.2) | Content - Pagebreak (1.5) | Content - Email Cloaking (1.5) | Content - Code Highlighter (Ge (1.5) | Content - Page Navigation (1.5) | Content - Load Modules (1.5) | Content - Vote (1.5) | Content - Attachments (2.1.2) | AllVideos (by JoomlaWorks) (3.1) | Content - Email Cloaking (1.5) | Content - Page Navigation (1.5) | Content - Code Highlighter (Ge (1.5) | Content - Pagebreak (1.5) | Content - Example (1.0) | Content - Vote (1.5) | Content - Load Modules (1.5) | Content - Example (1.0) | Authentication - Joomla (1.5) | Authentication - OpenID (1.5) | Authentication - GMail (1.5) | Authentication - LDAP (1.5) | Authentication - LDAP (1.5) | Authentication - OpenID (1.5) | Authentication - GMail (1.5) | Authentication - Joomla (1.5) | Authentication - Example (1.5) | Authentication - Example (1.5) | Button - Readmore (1.5) | Button - Pagebreak (1.5) | Button - Image (1.0.0) | Editor Button - Add Attachment (2.1.2) | Editor Button - Insert Attachm (2.1.2) | Button - Image (1.0.0) | Button - Readmore (1.5) | Button - Pagebreak (1.5) | User - Joomla! (1.5) | User - Joomla! (1.5) | User - Example (1.0) | User - Example (1.0) | Editor - TinyMCE 3 (3.2.6) | Editor - JCE 1.5.7.4 (1.5.7.4) | Editor - XStandard Lite for Jo (1.0) | Editor - None (1.0) | Editor - XStandard Lite for Jo (1.0) | Editor - TinyMCE 3 (3.2.6) | Zoo2 Links for Advanced Link (1.0.0) | Joomla! Links for Advanced Lin (1.2.1) | Advanced Link (1.5.7.4) | Advanced Code Editor (1.5.7.4) | Paste (1.5.7.4) | Paste (1.5.7.4) | File Browser (1.5.7.4) | JCE SPELLCHECKER TITLE (1.5.7.4) | Image Manager (1.5.7.4) | Media Object support (1.5.7.4) | XML-RPC - Joomla API (1.0) | XML-RPC - Blogger API (1.0) | XML-RPC - Blogger API (1.0) | XML-RPC - Joomla API (1.0) | System - Legacy (1.5) | System - Debug (1.5) | System - Remember Me (1.5) | System - Cache (1.5) | System - Show attachments in e (2.1.2) | System - Mootools Upgrade (1.5) | System - SEF (1.5) | System - Backlinks (1.5) | System - Legacy (1.5) | System - SEF (1.5) | System - Mootools Upgrade (1.5) | System - Cache (1.5) | System - Debug (1.5) | System - Log (1.5) | System - Remember Me (1.5) | System - Log (1.5) | System - Backlinks (1.5) |Templates Discovered :: wrote:Templates :: SITE :: beez (1.0.0) | beez (1.0.0) | huson (1.0.0) | huson (1.0.0) | rhuk_milkyway (1.0.2) | rhuk_milkyway (1.0.2) | JA_Purity (1.2.0) | JA_Purity (1.2.0) |
Templates :: ADMIN :: Khepri (1.0) | Khepri (1.0) |
Ed