0
Welcome Guest! Login
0 items Join Now

Hacked within first 2 minutes of Joomla install

Last Post
Search Topic

  • Hacked within first 2 minutes of Joomla install

    Posted 17 years 6 months ago
    • I used an autoinstall function provided by the webhost.... Logged in to the admin interface to change the admin password and BOOM. Kicked out. That was literally all I was able to do.

      Now after having changed passwords, etc., I've deleted that directory, and installed into a new one, but now other weird things are happening -- like register_globals is set to off, but Joomla says it's on, and it says the configuration.php file is unwriteable, but i temporarily changed the CHMOD to 755....

      In your collective expert opinions does this mean that the second installation got hacked too? I haven't invested any time/energy into this site yet, so there's nothing to preserve in terms of work already done. I'm just trying to save my nerves!!!

      Thanks for your thoughts... :)
    #63194

  • Re: Hacked within first 2 minutes of Joomla install

    Posted 17 years 6 months ago
    • Don't use autoinstall, delete everything and ftp joomla files.
    • VirtueShop
    #63196

  • Re: Hacked within first 2 minutes of Joomla install

    Posted 17 years 6 months ago
    • Thanks Peter... do you think I need to be concerned about other hidden/hacked files? In other words, if i delete the current joomla installation and reinstall manually is that likely to do the trick or is there anything else I need to look for at a root level? Appreciate your help... :)
    #63201

  • Re: Hacked within first 2 minutes of Joomla install

    Posted 17 years 6 months ago
    • If Joomla is installed in the root just delete it will be fine, which version of Joomla that was?
    • VirtueShop
    #63204
    • Bob Ateah's Avatar
    • Bob Ateah
    • Elite Rocketeer
    • Posts: 4521
    • Thanks: 0

    Re: Hacked within first 2 minutes of Joomla install

    Posted 17 years 6 months ago
    • Peter Osipof wrote:
      Don't use autoinstall, delete everything and ftp joomla files.

      I'm just curious as to why this advice Peter. Is Fantastico "bugged"?

      Cheers mate!
    • The member formerly known as Roland Deschain
      After your question is solved, please Edit your original post and choose the Solved message icon, thank you!
    #63208

  • Re: Hacked within first 2 minutes of Joomla install

    Posted 17 years 6 months ago
    • joomla 1.012 is installed in a subdirectory. My client's old website (plain html) is at the root.

      The webhost is Servage. They have their own special client admin panel. Don't know whether they're using Fantastico for installs, might be custom.
    #63209

  • Re: Hacked within first 2 minutes of Joomla install

    Posted 17 years 6 months ago
    • Roland Deschain wrote:
      I'm just curious as to why this advice Peter. Is Fantastico "bugged"?

      Is Fantastico bugged? Not necessary the reason I said that is three;
      • Sometimes those auto-installes don't have updated version, I know both my host are on v1.0.11
      • Back in Mambo days I too got hacked using auto-install, deleted and ftp-ed files touch wood, I am still using it today
      • The auto-installer file(s) could be hacked/corrupt hence all installations get hacked
    • VirtueShop
    #63211
    • Bob Ateah's Avatar
    • Bob Ateah
    • Elite Rocketeer
    • Posts: 4521
    • Thanks: 0

    Re: Hacked within first 2 minutes of Joomla install

    Posted 17 years 6 months ago
    • Peter Osipof wrote:
      Roland Deschain wrote:
      I'm just curious as to why this advice Peter. Is Fantastico "bugged"?

      Is Fantastico bugged? Not necessary the reason I said that is three;
      • Sometimes those auto-installes don't have updated version, I know both my host are on v1.0.11
      • Back in Mambo days I too got hacked using auto-install, deleted and ftp-ed files touch wood, I am still using it today
      • The auto-installer file(s) could be hacked/corrupt hence all installations get hacked

      Thanks for the info Peter. Fyi, the Fantastico used by Hostgator is bugged when installing Joomla!. After doing a Fantastico Joomla! installation no images appear on the newly installed Joomla! site - the path in the configuration.php gets set incorrectly. I informed Hostgator about this but i see that Fantastico is still bugged.

      Cheers!
    • The member formerly known as Roland Deschain
      After your question is solved, please Edit your original post and choose the Solved message icon, thank you!
    #63216

  • Re: Hacked within first 2 minutes of Joomla install

    Posted 17 years 6 months ago
    #63223

  • Re: Hacked within first 2 minutes of Joomla install

    Posted 17 years 6 months ago
    • still in communication with Servage. some very strange things are happening, like: after this started, i changed my FTP password and I tested afterwards and the connection worked. Then an hour later i went to reconnect via FTP and my new password didn't work anymore. On a whim, i tried my OLD password and it worked again... I'm waiting to hear whether Servage reset my password without telling me or whether there is another cause... ugh.

      I'm in a shared hosting environment and don't have access to the server logs, so don't know how helpful I can be with respect to providing extra info. There has been no customization of any sort with extensions, etc., but I can certainly document what the scenario was that I experienced and detail what I know. I did get an error screen with a bunch of Chinese characters on it... My host is claiming that the current installation is secure and that they've reviewed it...

      Anyway, I'm waiting for the FTP password issue to be addressed before going any further. sounds like maybe i should wait for v13!!

      Will post back if/when i get resolution. Thanks for all your thoughts and help...
    #63242

Time to create page: 0.053 seconds