User Password changed!! Topic is solved

Discussion regarding Joomla! 3.x security issues.

Moderators: Bernard T, mandville, fcoulter, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Post Reply
FuzMic
Joomla! Explorer
Joomla! Explorer
Posts: 315
Joined: Mon Oct 08, 2012 4:45 am

User Password changed!!

Post by FuzMic » Mon Jun 29, 2020 6:47 am

Hi guys

Recently in one of my website, i found it can't log in to the Joomla BackEnd. When inspecting the mysql, i found the Super Admin password was changed.

How can i prevent this from happening? Does this mean the website is compromised?
What route does intruder use to make the change.

User avatar
pe7er
Joomla! Master
Joomla! Master
Posts: 22796
Joined: Thu Aug 18, 2005 8:55 pm
Location: Nijmegen, Netherlands
Contact:

Re: User Password changed!!

Post by pe7er » Mon Jun 29, 2020 6:53 am

Please give some background info about your setup
using Forum Post Assistant / FPA https://forumpostassistant.github.io/docs/
Kind Regards,
Peter Martin, Global Moderator
https://db8.nl - Joomla specialist, Nijmegen, Nederland
Co-developer of d2 Content https://data2site.com/joomla-extensions/d2-content

FuzMic
Joomla! Explorer
Joomla! Explorer
Posts: 315
Joined: Mon Oct 08, 2012 4:45 am

Re: User Password changed!!

Post by FuzMic » Mon Jun 29, 2020 7:04 am

Thanks you Peter Martin

I use AdminExile & Brute Force Plugins and Security Check Component to try to add more security to the Joomla backend Log in.

But intruder just got in.

I can try to post my FPA latter. Any first thoughts to keep me thinking. Thanks again.

FuzMic
Joomla! Explorer
Joomla! Explorer
Posts: 315
Joined: Mon Oct 08, 2012 4:45 am

Re: User Password changed!!

Post by FuzMic » Mon Jun 29, 2020 8:11 am

Forum Post Assistant (v1.6.1) : 29-Jun-2020 wrote:
Last PHP Error(s) Reported :: wrote:[29-Jun-2020 07:50:06 UTC] PHP Warning: A non-numeric value encountered in /home/fuzmic/public_html/components/com_portfoliogallery/helpers/helper.php on line 113
Basic Environment :: wrote:Joomla! Instance :: Joomla! 3.9.16-Stable (Amani) 10-March-2020
Joomla! Platform :: Joomla Platform 13.1.0-Stable (Curiosity) 24-Apr-2013
Joomla! Configured :: Yes | Read-Only (444) |
Configuration Options :: Offline: false | SEF: true | SEF Suffix: false | SEF ReWrite: true | .htaccess/web.config: Yes | GZip: false | Cache: true | CacheTime: 15 | CacheHandler: file | CachePlatformPrefix: false | FTP Layer: false | Proxy: false | LiveSite: Is Not Empty | Session lifetime: 15 | Session handler: database | Shared sessions: false | SSL: 2 | Error Reporting: default | Site Debug: false | Language Debug: false | Default Access: 1 | Unicode Slugs: false | dbConnection Type: mysqli | PHP Supports J! 3.9.16: Yes | Database Supports J! 3.9.16: Yes | Database Credentials Present: Yes |

Host Configuration :: OS: Linux | OS Version: 3.10.0-1127.10.1.el7.x86_64 | Technology: x86_64 | Web Server: Apache | Encoding: gzip, deflate, br | System TMP Writable: Yes | Free Disk Space : 189.54 GiB |

PHP Configuration :: Version: 7.2.31 | PHP API: cgi-fcgi | Session Path Writable: Yes | Display Errors: | Error Reporting: 32759 | Log Errors To: error_log | Last Known Error: 29th June 2020 07:50:06. | Register Globals: | Magic Quotes: | Safe Mode: | Allow url fopen: 1 | Open Base: | Uploads: 1 | Max. Upload Size: 32M | Max. POST Size: 32M | Max. Input Time: 60 | Max. Execution Time: 60 | Memory Limit: 128M

Database Configuration :: Version: 5.7.30 (Client:mysqlnd 5.0.12-dev - 20150407 - $Id: 3591daad22de08524295e1bd073aceeff11e6579 $) | Database Size: 18.16 MiB | #of Tables with config prefix:  141 | #of other Tables:  1 | User Privileges : GRANT ALL
Detailed Environment :: wrote:PHP Extensions :: Core (7.2.31) | date (7.2.31) | libxml (7.2.31) | openssl (7.2.31) | pcre (7.2.31) | zlib (7.2.31) | filter (7.2.31) | hash (1.0) | pcntl (7.2.31) | readline (7.2.31) | Reflection (7.2.31) | SPL (7.2.31) | session (7.2.31) | standard (7.2.31) | cgi-fcgi () | bcmath (7.2.31) | calendar (7.2.31) | ctype (7.2.31) | curl (7.2.31) | dom (20031129) | mbstring (7.2.31) | fileinfo (1.0.5) | ftp (7.2.31) | gd (7.2.31) | iconv (7.2.31) | imap (7.2.31) | intl (1.1.0) | json (1.6.0) | exif (7.2.31) | mysqlnd (mysqlnd 5.0.12-dev - 20150407 - $Id: 3591daad22de08524295e1bd073aceeff11e6579 $) | PDO (7.2.31) | pgsql (7.2.31) | Phar (2.0.2) | posix (7.2.31) | SimpleXML (7.2.31) | soap (7.2.31) | sqlite3 (7.2.31) | tokenizer (7.2.31) | xml (7.2.31) | xmlwriter (7.2.31) | xsl (7.2.31) | zip (1.15.4) | mysqli (7.2.31) | pdo_mysql (7.2.31) | pdo_pgsql (7.2.31) | pdo_sqlite (7.2.31) | wddx (7.2.31) | xmlreader (7.2.31) | Zend Engine (3.2.0) |
Potential Missing Extensions ::
Disabled Functions :: exec | passthru | proc_nice | proc_open | shell_exec | system | popen | pcntl_exec |

Switch User Environment :: PHP CGI: Yes | Server SU: No | PHP SU: Yes | Potential Ownership Issues: No
Folder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) | administrator/logs/ (755) |

Elevated Permissions (First 10) ::
Database Information :: wrote:Database statistics :: Uptime: 4677 | Threads: 35 | Questions: 373742 | Slow queries: 0 | Opens: 24366 | Flush tables: 1 | Open tables: 2000 | Queries per second avg: 79.910 |
Extensions Discovered :: wrote:Components :: Site ::
Core :: com_mailto (3.0.0) 1 | com_wrapper (3.0.0) 1 |
3rd Party:: WF_AGGREGATOR_DAILYMOTION_TITLE (2.8.10) ? | WF_AGGREGATOR_GOOGLEMAPS_TITLE (2.3.4.4) ? | WF_AGGREGATOR_VIMEO_TITLE (2.8.10) ? | WF_AGGREGATOR_[youtube]_TITLE (2.8.10) ? | WF_AGGREGATOR_AUDIO_TITLE (2.8.10) ? | WF_AGGREGATOR_VIDEO_TITLE (2.8.10) ? | WF_FILESYSTEM_JOOMLA_TITLE (2.8.10) ? | WF_LINKS_JOOMLALINKS_TITLE (2.8.10) ? | WF_POPUPS_JCEMEDIABOX_TITLE (2.8.10) ? | WF_LINK_SEARCH_TITLE (2.8.10) ? | WF_ANCHOR_TITLE (2.8.10) ? | WF_ARTICLE_TITLE (2.8.10) ? | WF_AUTOSAVE_TITLE (2.8.10) ? | WF_BROWSER_TITLE (2.8.10) ? | WF_CHARMAP_TITLE (2.8.10) ? | WF_CLEANUP_TITLE (2.8.10) ? | WF_CLIPBOARD_TITLE (2.8.10) ? | WF_CONTEXTMENU_TITLE (2.8.10) ? | WF_DIRECTIONALITY_TITLE (2.8.10) ? | WF_EMOTIONS_TITLE (2.8.10) ? | WF_FONTCOLOR_TITLE (2.8.10) ? | WF_FONTSELECT_TITLE (2.8.10) ? | WF_FONTSIZESELECT_TITLE (2.8.10) ? | WF_FORMATSELECT_TITLE (2.8.10) ? | WF_FULLSCREEN_TITLE (2.8.10) ? | WF_HR_TITLE (2.8.10) ? | WF_IMGMANAGER_TITLE (2.8.10) ? | WF_KITCHENSINK_TITLE (2.8.10) ? | WF_LAYER_TITLE (2.8.2) ? | WF_LINK_TITLE (2.8.10) ? | WF_LISTS_TITLE (2.8.10) ? | WF_MEDIA_TITLE (2.8.10) ? | WF_NONBREAKING_TITLE (2.8.10) ? | JCE - Noneditable (1.0.0) ? | WF_PREVIEW_TITLE (2.8.10) ? | WF_PRINT_TITLE (2.8.10) ? | WF_SEARCHREPLACE_TITLE (2.8.10) ? | WF_SOURCE_TITLE (2.8.10) ? | WF_SPELLCHECKER_TITLE (2.8.10) ? | WF_STYLE_TITLE (2.8.10) ? | WF_STYLESELECT_TITLE (2.8.10) ? | WF_TABLE_TITLE (2.8.10) ? | WF_TEXTCASE_TITLE (2.8.10) ? | WF_VISUALBLOCKS_TITLE (2.8.10) ? | WF_VISUALCHARS_TITLE (2.8.10) ? | WF_WORDCOUNT_TITLE (2.8.10) ? | WF_XHTMLXTRAS_TITLE (2.8.10) ? | WF_HELP_TITLE (2.8.10) ? |

Components :: Admin ::
Core :: com_actionlogs (3.9.0) 1 | com_admin (3.0.0) 1 | com_ajax (3.2.0) 1 | com_associations (3.7.0) 1 | com_banners (3.0.0) 1 | com_cache (3.0.0) 1 | com_categories (3.0.0) 1 | com_checkin (3.0.0) 1 | com_config (3.0.0) 1 | com_content (3.0.0) 1 | com_contenthistory (3.2.0) 1 | com_cpanel (3.0.0) 1 | com_fields (3.7.0) 1 | com_finder (3.0.0) 1 | com_installer (3.0.0) 1 | com_joomlaupdate (3.6.2) 1 | com_languages (3.0.0) 1 | com_login (3.0.0) 1 | com_media (3.0.0) 1 | com_menus (3.0.0) 1 | com_messages (3.0.0) 1 | com_modules (3.0.0) 1 | com_newsfeeds (3.0.0) 1 | com_plugins (3.0.0) 1 | com_postinstall (3.2.0) 1 | com_privacy (3.9.0) 1 | com_redirect (3.0.0) 1 | com_search (3.0.0) 1 | com_tags (3.1.0) 1 | com_templates (3.0.0) 1 | com_users (3.0.0) 1 | com_weblinks (3.0.0) 1 |
3rd Party:: com_attachments (3.1.3) 1 | com_chronoforms5 (5.0.17) 1 | COM_JCE (2.8.10) 1 | JComments (3.0.7.5) ? | com_jhackguard (2.0.2) 1 | plg_pagebuilderck_accordion_xml_nam (1.0.0) ? | plg_pagebuilderck_audio_xml_name (1.0.0) 1 | plg_pagebuilderck_icon_xml_name (1.0.0) 1 | plg_pagebuilderck_icontext_xml_name (1.0.0) 1 | plg_pagebuilderck_image_xml_name (1.0.1) 1 | plg_pagebuilderck_message_xml_name (1.0.0) 1 | plg_pagebuilderck_module_xml_name (1.0.0) 1 | mod_pagebuilderck (2.2.2) 1 | Button - Pagebuilder CK (2.0.1) 1 | Editor - Pagebuilder CK (2.5.4) 1 | PLG_SEARCH_PAGEBUILDERCKSEARCH (1.0.1) 1 | plg_pagebuilderck_separator_xml_nam (1.0.0) ? | System - Pagebuilder CK (2.5.3) 1 | plg_pagebuilderck_tabs_xml_name (1.0.1) 1 | plg_pagebuilderck_text_xml_name (1.0.0) 1 | plg_pagebuilderck_video_xml_name (1.0.1) 1 | plg_pagebuilderck_accordion_xml_nam (1.0.0) ? | plg_pagebuilderck_audio_xml_name (1.0.1) 1 | plg_pagebuilderck_icon_xml_name (1.0.0) 1 | plg_pagebuilderck_icontext_xml_name (1.0.0) 1 | plg_pagebuilderck_image_xml_name (1.0.4) 1 | plg_pagebuilderck_message_xml_name (1.0.0) 1 | plg_pagebuilderck_module_xml_name (1.0.0) 1 | plg_pagebuilderck_separator_xml_nam (1.0.0) ? | plg_pagebuilderck_tabs_xml_name (1.0.1) 1 | plg_pagebuilderck_text_xml_name (1.0.0) 1 | plg_pagebuilderck_video_xml_name (1.0.1) 1 | com_pagebuilderck (2.6.1) 1 | COM_PORTFOLIOGALLERY (1.1.0) 1 | System - RAntiSpam (3.3.9) ? | com_rantispam (3.3.9) 1 | Securitycheck (3.1.11) 1 | SP Page Builder (3.0.4) 1 | SP Simple Portfolio (1.8) 1 |

Modules :: Site ::
Core :: mod_articles_archive (3.0.0) 1 | mod_articles_categories (3.0.0) 1 | mod_articles_category (3.0.0) 1 | mod_articles_latest (3.0.0) 1 | mod_articles_news (3.0.0) 1 | mod_articles_popular (3.0.0) 1 | mod_banners (3.0.0) 1 | mod_breadcrumbs (3.0.0) 1 | mod_custom (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_finder (3.0.0) 1 | mod_footer (3.0.0) 1 | mod_languages (3.5.0) 1 | mod_login (3.0.0) 1 | mod_menu (3.0.0) 1 | mod_random_image (3.0.0) 1 | mod_related_items (3.0.0) 1 | mod_search (3.0.0) 1 | mod_stats (3.0.0) 1 | mod_syndicate (3.0.0) 1 | mod_tags_popular (3.1.0) 1 | mod_tags_similar (3.1.0) 1 | mod_users_latest (3.0.0) 1 | mod_weblinks (3.0.0) 1 | mod_whosonline (3.0.0) 1 | mod_wrapper (3.0.0) 1 |
3rd Party:: ARI Image Slider (2.2.5) 1 | ARI Image Slider (2.1.11) 1 | ChronoForms5 (V5 RC1.2) 1 | GTranslate (3.7.6) 1 | MOD_ITPSOCIALBUTTONS (2.2) 1 | MOD_MH_SIMPLE_MARQUEE (rev 29) 1 | mod_pagebuilderck (2.2.2) 1 | Portfolio Gallery (1.1.0) 1 | Perfect Everything in Everyway (2.0.13) 1 | sigplus (1.4.3.3) 1 | SP Page Builder (1.2) 1 | SP Simple Portfolio Module (1.8) 1 | SP Portfolio (1.4) 1 |

Modules :: Admin ::
Core :: mod_custom (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_latest (3.0.0) 1 | mod_latestactions (3.9.0) 1 | mod_logged (3.0.0) 1 | mod_login (3.0.0) 1 | mod_menu (3.0.0) 1 | mod_multilangstatus (3.0.0) 1 | mod_popular (3.0.0) 1 | mod_privacy_dashboard (3.9.0) 1 | mod_quickicon (3.0.0) 1 | mod_sampledata (3.8.0) 1 | mod_stats_admin (3.0.0) 1 | mod_status (3.0.0) 1 | mod_submenu (3.0.0) 1 | mod_title (3.0.0) 1 | mod_toolbar (3.0.0) 1 | mod_version (3.0.0) 1 |
3rd Party:: mod_cachecleaner (7.2.2) 1 | mod_sppagebuilder_admin_menu (1.3) 1 | mod_sppagebuilder_icons (1.0.2) 1 |

Libraries ::
Core ::
3rd Party:: Regular Labs Library (20.3.23772) 1 |

Plugins ::
Core :: PLG_ACTIONLOG_JOOMLA (3.9.0) 1 | plg_authentication_cookie (3.0.0) 1 | plg_authentication_gmail (3.0.0) 0 | plg_authentication_joomla (3.0.0) 1 | plg_authentication_ldap (3.0.0) 0 | plg_captcha_recaptcha (3.4.0) 1 | plg_captcha_recaptcha_invisible (3.8) 0 | plg_content_confirmconsent (3.9.0) 0 | plg_content_emailcloak (3.0.0) 1 | plg_content_fields (3.7.0) 1 | plg_content_finder (3.0.0) 0 | plg_content_joomla (3.0.0) 1 | plg_content_loadmodule (3.0.0) 1 | plg_content_pagebreak (3.0.0) 1 | plg_content_pagenavigation (3.0.0) 1 | plg_content_vote (3.0.0) 1 | plg_editors-xtd_article (3.0.0) 0 | plg_editors-xtd_fields (3.7.0) 1 | plg_editors-xtd_image (3.0.0) 1 | plg_editors-xtd_menu (3.7.0) 0 | plg_editors-xtd_module (3.5.0) 0 | plg_editors-xtd_pagebreak (3.0.0) 1 | plg_editors-xtd_readmore (3.0.0) 1 | plg_extension_joomla (3.0.0) 1 | plg_fields_calendar (3.7.0) 0 | plg_fields_checkboxes (3.7.0) 0 | plg_fields_color (3.7.0) 0 | plg_fields_editor (3.7.0) 1 | plg_fields_imagelist (3.7.0) 0 | plg_fields_integer (3.7.0) 0 | plg_fields_list (3.7.0) 0 | plg_fields_media (3.7.0) 0 | plg_fields_radio (3.7.0) 0 | plg_fields_repeatable (3.9.0) 1 | plg_fields_sql (3.7.0) 0 | plg_fields_text (3.7.0) 0 | plg_fields_textarea (3.7.0) 0 | plg_fields_url (3.7.0) 0 | plg_fields_user (3.7.0) 0 | plg_fields_usergrouplist (3.7.0) 0 | plg_finder_categories (3.0.0) 1 | plg_finder_contacts (3.0.0) 1 | plg_finder_content (3.0.0) 1 | plg_finder_newsfeeds (3.0.0) 1 | plg_finder_tags (3.0.0) 1 | plg_finder_weblinks (3.0.0) 1 | PLG_INSTALLER_FOLDERINSTALLER (3.6.0) 1 | plg_installer_packageinstaller (3.6.0) 1 | PLG_INSTALLER_URLINSTALLER (3.6.0) 1 | plg_installer_webinstaller (2.0.1) 1 | plg_privacy_actionlogs (3.9.0) 1 | plg_privacy_consents (3.9.0) 1 | plg_privacy_content (3.9.0) 1 | plg_privacy_message (3.9.0) 1 | plg_privacy_user (3.9.0) 1 | plg_quickicon_extensionupdate (3.0.0) 1 | plg_quickicon_joomlaupdate (3.0.0) 1 | plg_quickicon_phpversioncheck (3.7.0) 0 | plg_quickicon_privacycheck (3.9.0) 1 | plg_search_categories (3.0.0) 1 | plg_search_contacts (3.0.0) 1 | plg_search_content (3.0.0) 1 | plg_search_newsfeeds (3.0.0) 1 | plg_search_tags (3.0.0) 0 | plg_search_weblinks (3.0.0) 1 | PLG_SYSTEM_ACTIONLOGS (3.9.0) 0 | plg_system_cache (3.0.0) 1 | plg_system_debug (3.0.0) 1 | plg_system_fields (3.7.0) 1 | plg_system_highlight (3.0.0) 1 | plg_system_languagecode (3.0.0) 0 | plg_system_languagefilter (3.0.0) 0 | plg_system_log (3.0.0) 1 | plg_system_logout (3.0.0) 1 | plg_system_logrotation (3.9.0) 1 | plg_system_p3p (3.0.0) 1 | plg_system_privacyconsent (3.9.0) 0 | plg_system_redirect (3.0.0) 0 | plg_system_remember (3.0.0) 1 | plg_system_sef (3.0.0) 1 | plg_system_sessiongc (3.8.6) 1 | plg_system_stats (3.5.0) 0 | plg_system_updatenotification (3.5.0) 0 | plg_twofactorauth_totp (3.2.0) 0 | plg_twofactorauth_yubikey (3.2.0) 0 | plg_user_contactcreator (3.0.0) 0 | plg_user_joomla (3.0.0) 1 | plg_user_profile (3.0.0) 0 | plg_user_terms (3.9.0) 0 |
3rd Party:: Helix3 - Ajax (2.5.6) 1 | plg_attachments_for_content (3.1.3) 1 | plg_attachments_plugin_framework (3.1.3) 1 | plg_content_attachments (3.1.3) 1 | Chronoforms5 (V5.0) 1 | PLG_EMBED_GOOGLE_MAP (2.1.0) 1 | PLG_CONTENT_ITPSOCIALBUTTONS (2.6) 0 | plg_content_jce (2.8.10) 1 | plg_content_jcomments (1.0) 1 | PLG_JSMALLFIB_TITLE (1.3.4.pro) 1 | Content - Perfect Everything in Eve (2.0.0) ? | Content - Image gallery - sigplus (1.4.3.3) 1 | plg_editors_codemirror (5.40.0) 1 | plg_editors_jce (2.8.10) 1 | plg_editors_tinymce (4.5.11) 1 | plg_editors-xtd_add_attachment_btn (3.1.3) 1 | plg_editors-xtd_articlesanywhere (10.1.4) 1 | plg_editors-xtd_insert_attachments_ (3.1.3) ? | plg_editors-xtd_jcommentsoff (1.0) 1 | plg_editors-xtd_jcommentson (1.0) 1 | plg_editors-xtd_modulesanywhere (7.10.0) 1 | Button - Pagebuilder CK (2.0.1) 1 | Editor - Pagebuilder CK (2.5.4) 1 | Button - Perfect Everything in Ever (2.0.0) ? | Perfect Cookie Policy in Everyway (2.0.3) 1 | Perfect Custom HTML in Everyway (2.0.2) 1 | Perfect Facebook Page Plugin in Eve (2.0.5) ? | Perfect iFrame in Everyway (2.0.4) 1 | Perfect Link in Everyway (2.0.2) 1 | plg_extension_jce (2.8.10) 1 | plg_fields_mediajce (2.8.10) 1 | plg_installer_jce (2.8.10) 1 | plg_pagebuilderck_accordion_xml_nam (1.0.0) ? | plg_pagebuilderck_audio_xml_name (1.0.1) 1 | plg_pagebuilderck_icon_xml_name (1.0.0) 1 | plg_pagebuilderck_icontext_xml_name (1.0.0) 1 | plg_pagebuilderck_image_xml_name (1.0.4) 1 | plg_pagebuilderck_message_xml_name (1.0.0) 1 | plg_pagebuilderck_module_xml_name (1.0.0) 1 | plg_pagebuilderck_separator_xml_nam (1.0.0) ? | plg_pagebuilderck_tabs_xml_name (1.0.1) 1 | plg_pagebuilderck_text_xml_name (1.0.0) 1 | plg_pagebuilderck_video_xml_name (1.0.1) 1 | plg_quickicon_attachments (3.1.3) 1 | plg_quickicon_jce (2.8.10) 1 | plg_quickicon_jcomments (1.0) 1 | plg_search_attachments (3.1.3) 1 | plg_search_jcomments (1.0) 1 | PLG_SEARCH_PAGEBUILDERCKSEARCH (1.0.1) 1 | plg_system_articlesanywhere (10.1.4) 1 | plg_system_cachecleaner (7.2.2) 1 | PLG_SYSTEM_HEADERTAGS (3.2.1) 1 | System - Helix3 Framework (2.5.6) 1 | plg_system_jce (2.8.10) 1 | plg_system_jcomments (1.0) 1 | JHackGuard Plugin (2.0.4) 1 | plg_system_modulesanywhere (7.10.0) 1 | System - Pagebuilder CK (2.5.3) 1 | Portfolio Gallery (1.1.0) 1 | System - RAntiSpam (3.3.9) ? | plg_system_regularlabs (20.3.23772) 1 | System - Securitycheck (3.1.11) 1 | plg_system_show_attachments_in_edit (3.1.3) ? | PLG_SYS_ADMINEXILE (3.16.3) 1 | System - Admin Bruteforce Protectio (1.4) ? | plg_system_sl_scrolltotop (2.0.0) 1 | plg_user_jcomments (1.0) 1 |
Templates Discovered :: wrote:Templates :: Site :: beez3 (3.1.0) 1 | protostar (1.0) 1 | shaper_helix3 (2.5.6) 1 |
Templates :: Admin :: hathor (3.0.0) 1 | isis (1.0) 1 |
Last edited by toivo on Mon Jun 29, 2020 9:59 am, edited 1 time in total.
Reason: mod note: disabled smilies in post Options for readability

User avatar
AMurray
Joomla! Champion
Joomla! Champion
Posts: 6087
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: User Password changed!!

Post by AMurray » Mon Jun 29, 2020 8:57 am

How can you tell the password is changed - it's encrypted.....? You can't decrypt those passwords.

You're 3 releases behind the current release of Joomla too (3.9.16 vs 3.9.19). Make sure that's updated at some point.
Regards,
--------------------------------------------------------------
A Murray
Help you I can, yes!. Post your question, you should. Keep it on topic you must!
Use the Forc....Forum Post Assistant my young Padawan!

User avatar
AMurray
Joomla! Champion
Joomla! Champion
Posts: 6087
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: User Password changed!!

Post by AMurray » Mon Jun 29, 2020 9:00 am

Have you changed the password again, per these instructions:
https://docs.joomla.org/How_do_you_reco ... assword%3F
Regards,
--------------------------------------------------------------
A Murray
Help you I can, yes!. Post your question, you should. Keep it on topic you must!
Use the Forc....Forum Post Assistant my young Padawan!

User avatar
AMurray
Joomla! Champion
Joomla! Champion
Posts: 6087
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: User Password changed!!

Post by AMurray » Mon Jun 29, 2020 9:07 am

Do you use SP Page Builder? (v3.0.4 according to the FPA report). That component current release is v3.7.3 currently so yours is way out of date.

First thing is to get back into your system, make sure you have a secure Super User password, then update all your extensions.
Regards,
--------------------------------------------------------------
A Murray
Help you I can, yes!. Post your question, you should. Keep it on topic you must!
Use the Forc....Forum Post Assistant my young Padawan!

FuzMic
Joomla! Explorer
Joomla! Explorer
Posts: 315
Joined: Mon Oct 08, 2012 4:45 am

Re: User Password changed!!

Post by FuzMic » Mon Jun 29, 2020 9:26 am

Hi guys Thank you I will update the extension.

I know password is changed bcos I can't login. I have kept the encrypt text in my localhost once enc.text is restored I can login.

I think my password is secured as far as I imagine.

User avatar
pe7er
Joomla! Master
Joomla! Master
Posts: 22796
Joined: Thu Aug 18, 2005 8:55 pm
Location: Nijmegen, Netherlands
Contact:

Re: User Password changed!!

Post by pe7er » Mon Jun 29, 2020 9:51 am

Are there any Super Admins in your website that might have reset your password?

Before resetting your own password, have you checked in the Users table what the passwords look like?
Does your start with "$2y$10$" (BCrypt probably set by Joomla)
or with something else like a MD5 hash (added directly to the database with phpmyadmin)?

What was the lastvisitDate of your Joomla account? Does it give you any pointers?
E.g. check against the web server access log to see what traffic (+ IP) was at your site (and where) when the password reset was done?
Kind Regards,
Peter Martin, Global Moderator
https://db8.nl - Joomla specialist, Nijmegen, Nederland
Co-developer of d2 Content https://data2site.com/joomla-extensions/d2-content

FuzMic
Joomla! Explorer
Joomla! Explorer
Posts: 315
Joined: Mon Oct 08, 2012 4:45 am

Re: User Password changed!!

Post by FuzMic » Mon Jun 29, 2020 10:00 am

Dear guys

My humble apologies, I have posted this issue before and at that time i changed the password to a new one. When i recently login i forget about this changed, so still trying with the old.
NOW if just remember about that changed; so i can login .. aging. Sorry for the wild goose chase.
Kind Regards to Murray & Martin.

User avatar
AMurray
Joomla! Champion
Joomla! Champion
Posts: 6087
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: User Password changed!!

Post by AMurray » Mon Jun 29, 2020 10:01 pm

A concluding remark to this topic:

To save forgetting passwords in future, use the inbuilt password list of your browser, or a 3rd party password manager (won't mention any, against forum rules).

Your browser should have the ability to let you see the passwords it has stored. Using the "remember me" function also tells your browser to store the password and/or auto-fill login forms on subsequent visits. Useful if you're the only one using your computer.
Regards,
--------------------------------------------------------------
A Murray
Help you I can, yes!. Post your question, you should. Keep it on topic you must!
Use the Forc....Forum Post Assistant my young Padawan!


Post Reply

Return to “Security in Joomla! 3.x”