Admin Password Changed in Database with Format Inconsistency

Discussion regarding Joomla! 3.x security issues.

Moderators: mandville, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Locked
mhs_joom
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Mon Sep 22, 2014 3:51 pm

Admin Password Changed in Database with Format Inconsistency

Post by mhs_joom » Mon Sep 22, 2014 4:02 pm

I'm running Joomla 3.3.3.

All of a sudden, I am not able to log into my admin account on the front end or backend.

When I check the DB via PHPMyadmin and DB backups I discover that my password field is now different from previously.

And, that the format is different from everyone elses. Most users' passwords start with "$2y..." and some with "$P..." while mine starts with "y0/n...".

My question is, is there any reason Joomla would format my pw this way? If not, then the only other explanation is that something injected this new password into the DB directly. Should I be worried?

Is there a way to find out what, who, when, this field was edited int he database?

bwedesigners
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Sat Sep 27, 2014 11:52 am

Re: Admin Password Changed in Database with Format Inconsist

Post by bwedesigners » Sat Sep 27, 2014 12:06 pm

if you can't use you're admin account any more i would be worried.
Try to replace the Db admin password field with one of the backups or use the backup to restore your database. Install something like admintools for extra security.
Also you can use this (free) extension to search for vulnerabilities in your website:
http://extensions.joomla.org/extensions ... tion/27813

and change all your passwords!!
and look if al the permissions of your documents and files are correct (you can use admintools for this with fix permissions)

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 15150
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Admin Password Changed in Database with Format Inconsist

Post by mandville » Sat Sep 27, 2014 12:20 pm

Run the fps as linked on the before you post sticky.
Then run checklist 7 as highlighted in that post
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}


Locked

Return to “Security in Joomla! 3.x”