Hi!
Have Joomla! 2.5.11 and MijoShop running about a year... and just getting problem that somehow all users password changing in database to different.... Still did not find why this happens ... Maybe some one have same problem or at least know how to get what plugin,module,extension or just code injection making that??????
Users password changing bySelf!??
Moderators: mandville, General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
-
ineteye
- Joomla! Fledgling
- Posts: 4
- Joined: Thu Oct 23, 2014 12:29 pm
-
mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: Users password changing bySelf!??
You have an out of date vulnerable joomla .
please update and run the fpa
please update and run the fpa
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
-
ineteye
- Joomla! Fledgling
- Posts: 4
- Joined: Thu Oct 23, 2014 12:29 pm
Re: Users password changing bySelf!??
But how Forum Post Assistant can help??????????????????????
-
mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: Users password changing bySelf!??
It will tell what extension you have and any out of date vulnerable ones
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
-
pe7er
- Joomla! Master
- Posts: 24968
- Joined: Thu Aug 18, 2005 8:55 pm
- Location: Nijmegen, Netherlands
- Contact:
Re: Users password changing bySelf!??
Forum Post Assistant itself cannot help,ineteye wrote:But how Forum Post Assistant can help??????????????????????
but it gives us the necessary information that we can use to advice you.
Kind Regards,
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
-
ineteye
- Joomla! Fledgling
- Posts: 4
- Joined: Thu Oct 23, 2014 12:29 pm
Re: Users password changing bySelf!??
OK... I update Joomla to latest version and all other componments... .and still have same problem ... FPA REPORT
You do not have the required permissions to view the files attached to this post.
-
mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: Users password changing bySelf!??
the screenshot doesnt give us all the required info . follow the instructions please..http://forum.joomla.org/viewtopic.php?f=621&t=582860
the green area marked "show forum post assistant" then generate then copy and paste
but i can tell you now you have many out of date extensions .
the green area marked "show forum post assistant" then generate then copy and paste
but i can tell you now you have many out of date extensions .
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
-
ineteye
- Joomla! Fledgling
- Posts: 4
- Joined: Thu Oct 23, 2014 12:29 pm
Re: Users password changing bySelf!??
The problem not in out of date extensions at all... it works in same build couple of years and no problem... so install updates and think that it resolve a problem not a good idea at all... as i wrote earlier..... So is any idea to know why this happen??? Maybe someone know how to stat all request to mysql database?? to know what change password field in joomla user table?????????????????????
-
pe7er
- Joomla! Master
- Posts: 24968
- Joined: Thu Aug 18, 2005 8:55 pm
- Location: Nijmegen, Netherlands
- Contact:
Re: Users password changing bySelf!??
Outdated software works without any problems until a hacker (hackerscript) finds a security issue on your site in that outdated software...ineteye wrote:The problem not in out of date extensions at all... it works in same build couple of years and no problem...
See also https://docs.joomla.org/Security_Checklist
Side note: Joomla switched from md5 paswords to a safer methods (from PHP's md5() hashing to crypt()).
On newer Joomla versions, the old md5 style password will be converted automatically
to a newer Joomla "crypt" style password for individual users when they login into the website.
With phpMyAdmin you can see the encrypted passwords:
md5-hash:salt = old md5 style password
$1$ in password = new Joomla "crypt" style password
$2y$ or $2a$ = new BlowFish "crypt" style password
Kind Regards,
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
