Phishing - I am quite a noob

Discussion regarding Joomla! 2.5 security issues.

Moderators: mandville, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Locked
kwaczek
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Tue Mar 21, 2017 9:07 am

Phishing - I am quite a noob

Post by kwaczek » Tue Mar 21, 2017 9:09 am

Problem Description :: Forum Post Assistant (v1.3.0) : 21st March 2017 wrote:Phishing attack - domain has been blocked by my provider
Actions Taken To Resolve by Forum Post Assistant (v1.3.0) 21st March 2017 wrote:I have no clue what files I should search for.
Can you help me please?

Thank you
Forum Post Assistant (v1.3.0) : 21st March 2017 wrote:
Basic Environment :: wrote:Joomla! Instance :: Joomla! 2.5.4-Stable (Ember) 2-April-2012
Joomla! Platform :: Joomla Platform 11.4.0-Stable (Brian Kernighan) 03-Jan-2012
Joomla! Configured :: Yes | Read-Only (444) | Owner: --protected-- . (uid: /gid: ) | Group: --protected-- (gid: ) | Valid For: 2.5
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 0 | SEF ReWrite: 0 | .htaccess/web.config: Yes | GZip: 0 | Cache: 1 | FTP Layer: 0 | SSL: 0 | Error Reporting: default | Site Debug: 0 | Language Debug: 0 | Default Access: 1 | Unicode Slugs: 0 | Database Credentials Present: Yes

Host Configuration :: OS: Linux | OS Version: 2.6.18-416.el5 | Technology: x86_64 | Web Server: Apache | Encoding: gzip, deflate | Doc Root: /home/bruckler.eu/bruckler.eu | System TMP Writable: Yes

PHP Configuration :: Version: 5.3.29 | PHP API: apache2handler | Session Path Writable: Yes | Display Errors: 1 | Error Reporting: 22519 | Log Errors To: | Last Known Error: | Register Globals: 0 | Magic Quotes: 0 | Safe Mode: | Open Base: /home/bruckler.eu/bruckler.eu:/home/bruckler.eu/data:/tmp:/usr/share/pear | Uploads: 1 | Max. Upload Size: 32M | Max. POST Size: 128M | Max. Input Time: 60 | Max. Execution Time: 7 | Memory Limit: 128M

MySQL Configuration :: Version: 5.5.52-MariaDB (Client:5.0.95) | Host: --protected-- (--protected--) | Collation: utf8_unicode_ci (Character Set: utf8) | Database Size: 7.59 MiB | #of Tables:  65
Detailed Environment :: wrote:PHP Extensions :: Core (5.3.29) | date (5.3.29) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7-dev) | zlib (1.1) | bz2 () | calendar () | ctype () | hash (1.0) | filter (0.11.0) | ftp () | gettext () | gmp () | SPL (0.2) | iconv () | Reflection ($Id: 4af6c4c676864b1c0bfa693845af0688645c37cf $) | session () | standard (5.3.29) | shmop () | SimpleXML (0.1) | sockets () | exif (1.4 $Id$) | tokenizer (0.1) | xml () | apache2handler () | apc (3.1.9) | bcmath () | curl () | dba () | dom (20031129) | fileinfo (1.0.5-dev) | gd () | imap () | intl (1.1.0) | json (1.2.1) | ldap () | mbstring () | mcrypt () | mssql () | mysql (1.0) | mysqli (0.1) | PDO (1.0.4dev) | pdo_dblib (1.0.1) | pdo_mysql (1.0.2) | pdo_pgsql (1.0.2) | pdo_sqlite (1.0.1) | pgsql () | Phar (2.0.1) | pspell () | soap () | tidy (2.0) | wddx () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | Zend Engine (2.3.0) |
Potential Missing Extensions :: suhosin |

Switch User Environment (Experimental) :: PHP CGI: No | Server SU: No | PHP SU: No | Custom SU (LiteSpeed/Cloud/Grid): No
Potential Ownership Issues: Maybe

Apache Modules :: core | itk | http_core | mod_so | mod_auth_basic | mod_auth_digest | mod_authn_file | mod_authn_alias | mod_authn_default | mod_authz_host | mod_authz_user | mod_authz_groupfile | mod_authz_default | mod_log_config | mod_logio | mod_env | mod_expires | mod_headers | mod_setenvif | mod_mime | mod_status | mod_autoindex | mod_negotiation | mod_dir | mod_alias | mod_rewrite | mod_proxy | mod_cgi | mod_loadavg | mod_extract_forwarded | mod_php5 | Apache |
Potential Missing Modules :: mod_deflate | mod_security | mod_evasive | mod_dosevasive | mod_ssl | mod_qos | mod_userdir |
Folder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

Elevated Permissions (First 10) ::
Extensions Discovered :: wrote:Components :: SITE :: com_mailto (2.5.0) 1 | com_wrapper (2.5.0) 1 | WF_LINK_SEARCH_TITLE (2.3.2.4) 1 | WF_LINKS_JOOMLALINKS_TITLE (2.3.2.4) 1 | WF_FILESYSTEM_JOOMLA_TITLE (2.3.2.4) 1 | WF_MEDIAPLAYER_JCEPLAYER_TITLE (2.3.2.4) 1 | WF_AGGREGATOR_VIMEO_TITLE (2.3.2.4) 1 | WF_AGGREGATOR_GOOGLEMAPS_TITLE (2.3.2.4) 1 | WF_AGGREGATOR_[youtube]_TITLE (2.3.2.4) 1 | WF_POPUPS_WINDOW_TITLE (2.3.2.4) 1 | WF_POPUPS_JCEMEDIABOX_TITLE (2.3.2.4) 1 | WF_TEXTCASE_TITLE (2.3.2.4) 1 | WF_XHTMLXTRAS_TITLE (2.3.2.4) 1 | WF_IMGMANAGER_TITLE (2.3.2.4) 1 | WF_CHARMAP_TITLE (2.3.2.4) 1 | WF_LINK_TITLE (2.3.2.4) 1 | WF_DIRECTIONALITY_TITLE (2.3.2.4) 1 | WF_PREVIEW_TITLE (2.3.2.4) 1 | WF_SEARCHREPLACE_TITLE (2.3.2.4) 1 | WF_AUTOSAVE_TITLE (2.3.2.4) 1 | WF_MEDIA_TITLE (2.3.2.4) 1 | WF_FULLSCREEN_TITLE (2.3.2.4) 1 | WF_ANCHOR_TITLE (2.3.2.4) 1 | WF_LISTS_TITLE (2.3.2.4) 1 | WF_TABLE_TITLE (2.3.2.4) 1 | WF_LAYER_TITLE (2.3.2.4) 1 | WF_KITCHENSINK_TITLE (2.3.2.4) 1 | WF_NONBREAKING_TITLE (2.3.2.4) 1 | WF_INLINEPOPUPS_TITLE (2.3.2.4) 1 | WF_CONTEXTMENU_TITLE (2.3.2.4) 1 | WF_SPELLCHECKER_TITLE (2.3.2.4) 1 | WF_CLEANUP_TITLE (2.3.2.4) 1 | WF_SOURCE_TITLE (2.3.2.4) 1 | WF_ARTICLE_TITLE (2.3.2.4) 1 | WF_PRINT_TITLE (2.3.2.4) 1 | WF_CLIPBOARD_TITLE (2.3.2.4) 1 | WF_STYLE_TITLE (2.3.2.4) 1 | WF_BROWSER_TITLE (2.3.2.4) 1 | WF_VISUALCHARS_TITLE (2.3.2.4) 1 | WF_VISUALBLOCKS_TITLE (2.3.2.4) 1 |
Components :: ADMIN :: FlexiContact (6.02) 1 | com_finder (2.5.0) 1 | com_modules (2.5.0) 1 | com_installer (2.5.0) 1 | Unknown (-) 1 | JCE (2.3.2.4) 1 | com_messages (2.5.0) 1 | com_banners (2.5.0) 1 | com_content (2.5.0) 1 | com_languages (2.5.0) 1 | com_checkin (2.5.0) 1 | com_menus (2.5.0) 1 | com_weblinks (2.5.0) 1 | com_joomlaupdate (2.5.0) 1 | com_media (2.5.0) 1 | com_templates (2.5.0) 1 | com_plugins (2.5.0) 1 | com_search (2.5.0) 1 | com_cache (2.5.0) 1 | com_categories (2.5.0) 1 | com_users (2.5.0) 1 | com_admin (2.5.0) 1 | com_xmap (2.3.3) 1 | com_cpanel (2.5.0) 1 | com_config (2.5.0) 1 | com_newsfeeds (2.5.0) 1 | com_login (2.5.0) 1 | com_redirect (2.5.0) 1 |

Modules :: SITE :: mod_whosonline (2.5.0) 1 | mod_login (2.5.0) 1 | mod_articles_categories (2.5.0) 1 | mod_custom (2.5.0) 1 | mod_users_latest (2.5.0) 1 | mod_stats (2.5.0) 1 | mod_articles_latest (2.5.0) 1 | mod_menu (2.5.0) 1 | mod_articles_news (2.5.0) 1 | mod_languages (2.5.0) 1 | mod_breadcrumbs (2.5.0) 1 | mod_random_image (2.5.0) 1 | mod_related_items (2.5.0) 1 | mod_articles_category (2.5.0) 1 | mod_banners (2.5.0) 1 | mod_feed (2.5.0) 1 | mod_wrapper (2.5.0) 1 | mod_weblinks (2.5.0) 1 | mod_articles_archive (2.5.0) 1 | mod_footer (2.5.0) 1 | mod_articles_popular (2.5.0) 1 | mod_finder (2.5.0) 1 | mod_search (2.5.0) 1 | sigplus (1.4.2.15) 1 | mod_syndicate (2.5.0) 1 |
Modules :: ADMIN :: mod_quickicon (2.5.0) 1 | mod_login (2.5.0) 1 | mod_status (2.5.0) 1 | mod_version (2.5.0) 1 | mod_custom (2.5.0) 1 | mod_toolbar (2.5.0) 1 | mod_latest (2.5.0) 1 | mod_menu (2.5.0) 1 | mod_multilangstatus (2.5.0) 1 | mod_feed (2.5.0) 1 | mod_logged (2.5.0) 1 | mod_title (2.5.0) 1 | mod_submenu (2.5.0) 1 | mod_popular (2.5.0) 1 |

Plugins :: SITE :: plg_quickicon_joomlaupdate (2.5.0) 1 | plg_quickicon_extensionupdate (2.5.0) 1 | plg_quickicon_jcefilebrowser (2.3.2.4) 1 | PLG_EASYKEYWORDSITEMAP (2.5-4) 0 | plg_content_vote (2.5.0) 1 | plg_content_emailcloak (2.5.0) 1 | plg_content_loadmodule (2.5.0) 1 | plg_content_geshi (2.5.0) 0 | plg_content_pagenavigation (2.5.0) 1 | plg_content_pagebreak (2.5.0) 1 | Content - Image gallery - sigp (1.4.2.15) 1 | plg_content_joomla (2.5.0) 1 | plg_content_finder (2.5.0) 0 | plg_search_content (2.5.0) 1 | plg_search_weblinks (2.5.0) 1 | plg_search_newsfeeds (2.5.0) 1 | plg_search_contacts (2.5.0) 1 | plg_search_categories (2.5.0) 1 | plg_captcha_recaptcha (2.5.0) 1 | plg_extension_joomla (2.5.0) 1 | plg_editors_codemirror (1.0) 1 | plg_editors_tinymce (3.4.9) 1 | plg_editors_jce (2.3.2.4) 1 | plg_editors-xtd_readmore (2.5.0) 1 | plg_editors-xtd_pagebreak (2.5.0) 1 | plg_editors-xtd_image (2.5.0) 1 | plg_editors-xtd_article (2.5.0) 1 | plg_user_profile (2.5.0) 0 | plg_user_contactcreator (2.5.0) 0 | plg_user_joomla (2.5.0) 1 | plg_authentication_gmail (2.5.0) 0 | plg_authentication_joomla (2.5.0) 1 | plg_authentication_ldap (2.5.0) 0 | plg_system_sef (2.5.0) 1 | plg_system_remember (2.5.0) 1 | plg_system_languagecode (2.5.0) 0 | plg_system_languagefilter (2.5.0) 1 | plg_system_redirect (2.5.0) 1 | plg_system_cache (2.5.0) 0 | plg_system_debug (2.5.0) 1 | plg_system_logout (2.5.0) 1 | plg_system_p3p (2.5.0) 1 | Plugin Include Component (1.13) 1 | plg_system_highlight (2.5.0) 1 | plg_system_log (2.5.0) 1 | plg_finder_content (2.5.0) 1 | plg_finder_weblinks (2.5.0) 1 | plg_finder_newsfeeds (2.5.0) 1 | plg_finder_contacts (2.5.0) 1 | plg_finder_categories (2.5.0) 1 | Xmap - Content Plugin (2.0.4) 1 | XMAP_PLUGIN_K2 (1.3) 1 | Xmap - WebLinks Plugin (2.0.1) 1 | Xmap - Kunena Plugin (2.0.3) 1 | Xmap - Mosets Tree Plugin (2.0.2) 1 | Xmap - SobiPro Plugin (2.0.2) 1 | Xmap - Virtuemart Plugin (2.0.1) 1 |
Templates Discovered :: wrote:Templates :: SITE :: beez_20 (2.5.0) 1 | sollialite2 (3.0) 1 | atomic (2.5.0) 1 | beez5 (2.5.0) 1 |
Templates :: ADMIN :: bluestork (2.5.0) 1 | hathor (2.5.0) 1 |
Top
User avatar
andypooz
Joomla! Guru
Joomla! Guru
Posts: 728
Joined: Sat Dec 30, 2006 3:03 pm
Location: London, UK
Contact:
Contact andypooz

Re: Phishing - I am quite a noob

Post by andypooz » Tue Mar 21, 2017 9:47 am

There are loads of articles that show you what to do if you search for them: https://www.joomshaper.com/blog/my-joom ... what-to-do
This is just one of them.
Andy Hickey
Bespoke Joomla Extension Developer
http://www.netamity.com
Top
Locked

Return to “Security in Joomla! 2.5”