The Joomla! Forum ™



Posted: Wed Apr 25, 2012 8:27 pm
Joomla! Apprentice

Joined: Wed Apr 25, 2012 8:16 pm
Posts: 10
Hi

Have a big problem. At my site anybody can log in just by using their username. No password is needed.
I haven't turned off anything, so I don't know what's causing this.

I can log in as admin both on the front page and the administrator page,
and I can also log in as a registered user, only by using the username.

I have been hacked some time ago, but noticed this by accident now.
Now I can't sleep before I figure this out. Anybody have a clue how to fix this?

Anybody can log in to Joomla using only a username, and type whatever they want in the password field or just leave it empty. This works for all types of users, super administrator and regular users.

Need some help please

Using Joomla 1.5.26
Using VM 1.1.9


Last edited by petter132 on Wed Apr 25, 2012 10:49 pm, edited 1 time in total.

Posted: Wed Apr 25, 2012 8:42 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
Have you installed an extension like http://extensions.joomla.org/extensions ... ogin/10391 ?

Put your url into http://sitecheck.sucuri.net/scanner/ and see the results.

PM me the url if you want to ?

_________________
http://weblinksonline.co.uk/joomla-faq.html


Posted: Wed Apr 25, 2012 8:53 pm
Joomla! Apprentice

Joined: Wed Apr 25, 2012 8:16 pm
Posts: 10
Hi

Thanks for the quick reply, but I can't send a private message yet; my user is too new.

Checked the URL with the site you suggested, no error found.

Searched for the hackme extension, but didn't find anything.

So something is very wrong. Is there some way I can give you my URL privately?

Or do you have any other suggestions?

Thanks for helping


Posted: Wed Apr 25, 2012 9:02 pm
Joomla! Master

Joined: Mon Mar 20, 2006 1:56 am
Posts: 11634
Location: The Girly Side of Joomla in Sussex
q.
has it suddenly happened?
have you changed browsers
check your cache and session times in j
can anyone access your admin panel without credentials?

_________________
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be added to the foe list and possibly just deleted
{Community.Connect Administrator }{ Showcase & Security Moderator}


Posted: Wed Apr 25, 2012 9:05 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
mandville wrote:
...
can anyone access your admin panel without credentials?

That's why I asked for him to PM me. Have sent him my email so I can check it is how he says or if it is cache.

Posted: Wed Apr 25, 2012 9:11 pm
Joomla! Apprentice

Joined: Wed Apr 25, 2012 8:16 pm
Posts: 10
I don't know when it happened. I got some email spamming problems and an evil index.htm file on my site some days ago.

So I thought it would be good to change the admin password.
After changing the password, I could still log on with the old password. That's when I started thinking something was wrong.
So then I just tried to log in to the admin site at http://www.mysite.com/administrator/
using only admin and didn't type any password, and I could log in.
Or I can type whatever I want in the password field and still log in.

I tested from the front page, worked there as well.
So I disabled the admin account for now.
But any users can also log in just by using their username.

Tested it on several browsers and computers.
So don't think it's a cache/session problem?

Can there be some problem with some .php files?
Don't know where to start looking.


Posted: Wed Apr 25, 2012 9:14 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
Have you got my PM with my email address ?
If you email me the url then I can check see if the problem can be replicated on my PC.

Posted: Wed Apr 25, 2012 9:19 pm
Joomla! Apprentice

Joined: Wed Apr 25, 2012 8:16 pm
Posts: 10
Webdongle, have sent you an email.


Posted: Wed Apr 25, 2012 9:32 pm
Joomla! Master

Joined: Mon Mar 20, 2006 1:56 am
Posts: 11634
Location: The Girly Side of Joomla in Sussex
I have sent you both a PM with a possible solution. petter132 - let me know if you didn't receive it so that webdongle can send in an email to

Posted: Wed Apr 25, 2012 9:36 pm
Joomla! Apprentice

Joined: Wed Apr 25, 2012 8:16 pm
Posts: 10
Hi mandville

Got your message. I have the secret field in the global configuration.
So it's not that, I guess? Thanks for the tip.


Posted: Wed Apr 25, 2012 9:42 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
I can confirm that just by putting the username in without password will login to the backend.

I have found a component that I think is the cause or could be. I would like permission to uninstall it and reupload the Joomla core files.

Posted: Wed Apr 25, 2012 9:44 pm
Joomla! Apprentice

Joined: Wed Apr 25, 2012 8:16 pm
Posts: 10
Additional information.

As I have said, I don't know when this happened. It could have been like this for a long time (gives me the creeps).

I have a plugin/module (email_as_username) to use email to log in instead of username. Username can also be used. This plugin is from http://www.lunarhotel.co.uk/
Do you know this plugin? Can that plugin mess things up?


Posted: Wed Apr 25, 2012 9:45 pm
Joomla! Apprentice

Joined: Wed Apr 25, 2012 8:16 pm
Posts: 10
Webdongle, which component do you suspect?

I will try anything to get this working.
What do you need?


Posted: Wed Apr 25, 2012 9:47 pm
Joomla! Apprentice

Joined: Wed Apr 25, 2012 8:16 pm
Posts: 10
Webdongle

You have my permission to test it out.


Posted: Wed Apr 25, 2012 10:31 pm
Joomla! Apprentice

Joined: Wed Apr 25, 2012 8:16 pm
Posts: 10
Webdongle - THANKS THANKS THANKS
Looks like things work now. Just one thing to say: "YOU ARE GOD"

Looks like the admin tool and backup tool can be good to have? So you can let it be there if that's OK with you?


Posted: Wed Apr 25, 2012 10:41 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
  • Installed Akeeba and backed up
    Backup showed successful with warning 'Unreadable file.../www/components/com_jcomments/jomsocial_rule.xml. Check permissions'
  • Installed Admin tools and used it to reinstate Joomla core files
    it stopped part way with error about opening a template image file for rewrite.
    Second attempt wrote the files
  • Logged out tried logging in without password and with any alphanumeric. Tested on several Browsers. Appears to be fixed now.
  • Backed up site again
    same warning but shows successful. try the jpa on your PC to see if it is good.

Try the site now. No guarantees but it looks OK now. A lot of security suggestions can be found at viewtopic.php?f=432&t=475313 . Ignore the parts about deleting because that is for hacked sites. Concentrate on the security suggestions.

Thanks go to mandville for this ... PMs helped locate the error.

_________________
http://weblinksonline.co.uk/joomla-faq.html
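
Added example, not part of the original post and not code from Joomla, Akeeba or Admin Tools: before core files are overwritten as in the steps above, a site tree can be compared with a freshly unpacked copy of the same release to record which files differed. The directory layout, file names and contents in `demo()` are constructed for illustration.

```python
import hashlib
import os
import tempfile

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def index_tree(root):
    """Map each file's path relative to root -> SHA-256 digest."""
    out = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            out[os.path.relpath(full, root).replace(os.sep, "/")] = sha256_of(full)
    return out

def compare_to_clean(site_root, clean_root):
    """Compare a live site against a clean copy of the same release."""
    site, clean = index_tree(site_root), index_tree(clean_root)
    return {
        # Shipped files whose content no longer matches the release.
        "modified": sorted(p for p in clean if p in site and site[p] != clean[p]),
        "missing": sorted(p for p in clean if p not in site),
        # PHP the release never shipped: extensions, or code worth reviewing.
        "extra_php": sorted(p for p in site
                            if p not in clean and p.lower().endswith(".php")),
    }

def _write(root, rel, data):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as fh:
        fh.write(data)

def demo():
    """Constructed sample trees; names and contents are made up."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, site = os.path.join(tmp, "clean"), os.path.join(tmp, "site")
        _write(clean, "index.php", "<?php // entry")
        _write(clean, "lib/auth.php", "<?php // checks password")
        _write(clean, "lib/util.php", "<?php // helpers")
        _write(site, "index.php", "<?php // entry")
        _write(site, "lib/auth.php", "<?php // check altered")
        _write(site, "images/x.php", "<?php // not in release")
        return compare_to_clean(site, clean)

if __name__ == "__main__":
    print(demo())
```

Run it against a copy of the site taken from the backup rather than the live tree, and keep the report with the backup so the changed files can still be examined after the core files are restored.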


Posted: Wed Apr 25, 2012 10:44 pm
Joomla! Apprentice

Joined: Wed Apr 25, 2012 8:16 pm
Posts: 10
Once again, thank you so much. I will look into the security things. But now the very essential problem seems fixed. So thanks for the help. Can I deactivate the admin account you used now?


Posted: Wed Apr 25, 2012 10:46 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
Yes, please do. And mark the first post as solved please.
