[SOLVED] Hacked Again? (SMF)
Moderator: General Support Moderators
Forum rules
- Joo
- Joomla! Intern
- Posts: 67
- Joined: Fri Nov 25, 2005 2:49 pm
[SOLVED] Hacked Again? (SMF)
A couple of days ago, I was hacked through SMF just one day after forum setup. The hacker got in through some some dirs which had permission 777. I fixed it and everything was working as it should. Today, when I clicked the menu link for the forum, the page began to flicker and I could see on status bar it was requestion a page repeadetly. Then it all stops and all what's left to see is the header part (of Joomla!). Everything else is blank. No forum. The strange thing here is that this happens only in IE, not in Firefox. But how could this happen if no one has altered anything since I left working fine? anyone here experiencing the same problem? I went through my directoris and files and couldn't find anything suspicious.
Last edited by Joo on Sun Jul 23, 2006 1:37 pm, edited 1 time in total.
http://www.webdesigngold.com
Web Design Resources
Web Design Resources
-
- Joomla! Intern
- Posts: 64
- Joined: Mon Aug 22, 2005 6:47 pm
Re: Hacked Again? (SMF)
Can you give this site URL
here or PM
here or PM
- drummergirl
- Joomla! Explorer
- Posts: 322
- Joined: Wed Feb 22, 2006 9:51 pm
- Location: Illinois
- Contact:
Re: Hacked Again? (SMF)
Check your index page and make sure you have the correct code inserted for SMF to work with IE:
I had this problem last week and it was becasue I had accidentally removed that line of code.
I had this problem last week and it was becasue I had accidentally removed that line of code.
Gretchen
http://www.GirlsCantWhat.com
http://www.GirlsCantWhat.com
- RobS
- Joomla! Ace
- Posts: 1366
- Joined: Mon Dec 05, 2005 10:17 am
- Location: New Orleans, LA, USA
- Contact:
Re: Hacked Again? (SMF)
Bleh. That is a bad line of code. $GLOBALS should not be used anymore. It is deprecated and insecure. Is this a hack to the component or something that comes with it?
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
- drummergirl
- Joomla! Explorer
- Posts: 322
- Joined: Wed Feb 22, 2006 9:51 pm
- Location: Illinois
- Contact:
Re: Hacked Again? (SMF)
Yeah - I was just about to post back and say I discovered Orstio has new update to the bridge:
http://www.simplemachines.org/community ... ic=97649.0
The new bridge (1.1.5a) does not require that code in the template anymore.
I'm updating my site with it right now...
http://www.simplemachines.org/community ... ic=97649.0
The new bridge (1.1.5a) does not require that code in the template anymore.
I'm updating my site with it right now...
Gretchen
http://www.GirlsCantWhat.com
http://www.GirlsCantWhat.com
- Joo
- Joomla! Intern
- Posts: 67
- Joined: Fri Nov 25, 2005 2:49 pm
Re: Hacked Again? (SMF)
I have the latest versions of everything.
Sorry, I don't want to post the site in public yet. I've sent the url to you Mauri.
I'm beginning to believe this issue has to do with my Gallery2 installation. Which was made after SMF. So I didn't tell the whole truth about nothing had been changed. In fact, I tried this solution and at ONE occasion it worked, then stopped working again.
Sorry, I don't want to post the site in public yet. I've sent the url to you Mauri.
I'm beginning to believe this issue has to do with my Gallery2 installation. Which was made after SMF. So I didn't tell the whole truth about nothing had been changed. In fact, I tried this solution and at ONE occasion it worked, then stopped working again.
http://www.webdesigngold.com
Web Design Resources
Web Design Resources
-
- Joomla! Intern
- Posts: 64
- Joined: Mon Aug 22, 2005 6:47 pm
Re: Hacked Again? (SMF)
I test your site with IE 6 browser and it works well , foorum too.
Now Iam job. When I come home I try test more with my home PC, .
I am thinking if it´s Your IE browser something wrong.
Mauri
Now Iam job. When I come home I try test more with my home PC, .
I am thinking if it´s Your IE browser something wrong.
Mauri
- Joo
- Joomla! Intern
- Posts: 67
- Joined: Fri Nov 25, 2005 2:49 pm
Re: Hacked Again? (SMF)
Thanks Mauri for ckecking it for me. I did ask a friend to test it and he said he had the same problem as I did. However, now when you said it's working, I asked him to check again and it's working (after some flickering he said). I believe the tweek I did helped after all. But somehow, not when viewd with my computer. I'm using the latest IE 6 and service pack 2. I do have many issues with Joomla admin panel that are javascript related. In Firefox there aren't such problems.
http://www.webdesigngold.com
Web Design Resources
Web Design Resources
-
- Joomla! Intern
- Posts: 64
- Joined: Mon Aug 22, 2005 6:47 pm
Re: Hacked Again? (SMF)
I send you PM
-
- Joomla! Intern
- Posts: 64
- Joined: Mon Aug 22, 2005 6:47 pm
Re: Hacked Again? (SMF)
Maybe there are CSS conflict , Joomla template CSS and SMF style CSS.
- Joo
- Joomla! Intern
- Posts: 67
- Joined: Fri Nov 25, 2005 2:49 pm
Re: Hacked Again? (SMF)
Problem solved! And believe it or not, that "deprecated" line of code that drummergirl mentionned did fix the problem. It was Orstio back at SMF forums who told me to add it. That, despite of him saying in the bridge's thread that for Joomla!, you don't need to add it. Only for Mambo.
Thanks to all who tried to help.
Thanks to all who tried to help.
Last edited by Joo on Sun Jul 23, 2006 2:16 pm, edited 1 time in total.
http://www.webdesigngold.com
Web Design Resources
Web Design Resources
-
- Joomla! Apprentice
- Posts: 19
- Joined: Wed Oct 12, 2005 5:16 pm
Re: [SOLVED] Hacked Again? (SMF)
I would love their to be an auto update feature for addons. I hope this will be included in 1.5 . I have had to disable all smf componets on my site. Its a pain, but they weren't adding much to the site anyway.
- drummergirl
- Joomla! Explorer
- Posts: 322
- Joined: Wed Feb 22, 2006 9:51 pm
- Location: Illinois
- Contact:
Re: [SOLVED] Hacked Again? (SMF)
FYI - I still need to use that code in my templates as well. Even with all the latest updates. I will report this to Orstio.
Gretchen
http://www.GirlsCantWhat.com
http://www.GirlsCantWhat.com
- Joo
- Joomla! Intern
- Posts: 67
- Joined: Fri Nov 25, 2005 2:49 pm
Re: [SOLVED] Hacked Again? (SMF)
Now I really need to know how bad that line of code is.. Does it compromise the site security in general? Is there a better option instead of using it? Thanks.
http://www.webdesigngold.com
Web Design Resources
Web Design Resources
-
- Joomla! Apprentice
- Posts: 19
- Joined: Wed Oct 12, 2005 5:16 pm
Re: [SOLVED] Hacked Again? (SMF)
The guys script opened a terminal onto my server and full read write/ rename access to everything on the server.
-
- Joomla! Intern
- Posts: 64
- Joined: Mon Aug 22, 2005 6:47 pm
Re: [SOLVED] Hacked Again? (SMF)
Have you get answer. Must we use that row in newest SMF + bridge ?drummergirl wrote: FYI - I still need to use that code in my templates as well. Even with all the latest updates. I will report this to Orstio.
-
- Joomla! Enthusiast
- Posts: 182
- Joined: Thu Aug 18, 2005 8:43 pm
- Contact:
Re: [SOLVED] Hacked Again? (SMF)
SOME servers still require that line of code to be added in the joomla template. The bridge readme indicates that...
If you are using SMF 1.1RC2 and bridge 1.1.5a, there should be no security risk.
If you are not using 1.1.5a, then you should upgrade asap.
TroyDoogle,
Why did you have to unpublish all of your smf modules? I have every single SMF module working properly with 1.1.5a of the bridge (although you will have to use the update versions. The versions from the 3.19a era bridge will not work with 1.1.3 or above)
If you are using SMF 1.1RC2 and bridge 1.1.5a, there should be no security risk.
If you are not using 1.1.5a, then you should upgrade asap.
TroyDoogle,
Why did you have to unpublish all of your smf modules? I have every single SMF module working properly with 1.1.5a of the bridge (although you will have to use the update versions. The versions from the 3.19a era bridge will not work with 1.1.3 or above)
-
- Joomla! Intern
- Posts: 64
- Joined: Mon Aug 22, 2005 6:47 pm
Re: [SOLVED] Hacked Again? (SMF)
OK
I gues, if you use Joomla 1.0.10 and SMF-bridge 1.5.0a, that row .. uses Joomla emulation $globals.. and it´s safe.
It would be nice if Orstio comment, that it´s safe to use that row?
I gues, if you use Joomla 1.0.10 and SMF-bridge 1.5.0a, that row .. uses Joomla emulation $globals.. and it´s safe.
It would be nice if Orstio comment, that it´s safe to use that row?
- drummergirl
- Joomla! Explorer
- Posts: 322
- Joined: Wed Feb 22, 2006 9:51 pm
- Location: Illinois
- Contact:
Re: [SOLVED] Hacked Again? (SMF)
Orstio just replied to my post at SMF and it is NOT a security risk to keep that code in the template.
Gretchen
http://www.GirlsCantWhat.com
http://www.GirlsCantWhat.com