Pharma Hack? - Joomla! Forum - community, help and support

-

website has been apparently hacked last week, far thing effected in backend screens, anytime try submit somehting or sort comes viagra/cialis/crap. looking through posts , web, nothing have found seems relevant fixing it.....output of fpa follows:
problem description :: forum post assistant (v1.2.3) : 3rd november 2012 wrote:com_xx has ben takenover viagra , cialis ads - can't find injected remove....
last php error(s) reported :: forum post assistant (v1.2.3) : 3rd november 2012 wrote:[18-oct-2012 20:58:28] php warning: checkdnsrr() [<a href='function.checkdnsrr'>function.checkdnsrr</a>]: host , type cannot empty in /home/btzol/public_html/plugins/system/cedit_blockdisposable.php on line 338
forum post assistant (v1.2.3) : 3rd november 2012 wrote:
basic environment :: wrote:joomla! instance :: joomla! 1.5.26-stable (senu takaa ama busani) 27-march-2012
joomla! configured :: yes | read-only (444) | owner: btzol (uid: 1/gid: 1) | group: btzol (gid: 1) | valid for: 1.5
configuration options :: offline: 0 | sef: 0 | sef suffix: 0 | sef rewrite: 0 | .htaccess/web.config: yes | gzip: 0 | cache: 1 | ftp layer: 0 | ssl: 0 | error reporting: -1 | site debug: 0 | language debug: 0 | database credentials present: yes

host configuration :: os: linux | os version: 3.2.31 | technology: x86_64 | web server: apache | encoding: gzip, deflate | doc root: /home/btzol/public_html | system tmp writable: yes

php configuration :: version: 5.2.17 | php api: cgi-fcgi | session path writable: unknown | display errors: 1 | error reporting: 6135 | log errors to: error_log | last known error: 18th october 2012 20:58:28. | register globals: 1 | magic quotes: | safe mode: | open base: | uploads: 1 | max. upload size: 64m | max. post size: 64m | max. input time: 60 | max. execution time: 30 | memory limit: 64m

mysql configuration :: version: 5.5.23-55 (client:5.5.23) | host: --protected-- (--protected--) | collation: utf8_unicode_ci (character set: utf8) | database size: 2.08 mib | #of tables: 116
detailed environment :: wrote:php extensions :: date (5.2.17) | libxml () | openssl () | pcre () | zlib (1.1) | bcmath () | bz2 () | calendar () | ctype () | curl () | dbase () | dom (20031129) | hash (1.0) | filter (0.11.0) | ftp () | gd () | gettext () | session () | iconv () | standard (5.2.17) | json (1.2.1) | mbstring () | mcrypt () | mhash () | mime_magic (0.1) | mssql () | mysql (1.0) | simplexml (0.1) | odbc (1.0) | posix () | pspell () | reflection (0.1) | imap () | spl (0.2) | mysqli (0.1) | soap () | sockets () | exif (1.4 $id: exif.c 293036 2010-01-03 09:23:27z sebastian $) | tidy (2.0) | tokenizer (0.1) | wddx () | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.8.11) | cgi-fcgi () | magickwand (1.0.8) | imagick (3.0.1) | pdo (1.0.4dev) | pdo_sqlite (1.0.1) | sqlite (2.0-dev) | pdo_mysql (1.0.2) | sourceguardian (8.2) | ioncube loader () | zend optimizer () | zend engine (2.2.0) |
potential missing extensions :: suhosin |

switch user environment (experimental) :: php cgi: yes | server su: yes | php su: yes | custom su (litespeed/cloud/grid): yes
potential ownership issues: no
folder permissions :: wrote:core folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

elevated permissions (first 10) ::
extensions discovered :: wrote:components :: site :: classic_1 (1.1.0) | default (1.0.0) | vmj_genx (1.0) | user (1.5.0) | wrapper (1.5.0) | mailto (1.5.0) |
components :: admin :: language manager (1.5.0) | frontpage (1.5.0) | xcloner-backupandrestore (3.2) | menus manager (1.5.0) | virtuemart (1.1.7) | weblinks (1.5.0) | content page (1.5.0) | messaging (1.5.0) | module manager (1.5.0) | jce (157) | template manager (1.5.0) | mass mail (1.5.0) | search (1.5.0) | media manager (1.5.0) | banners (1.5.0) | contact items (1.0.0) | control panel (1.5.0) | configuration manager (1.5.0) | user manager (1.5.0) | polls (1.5.0) | awocoupon (1.0.8) | userport (1.5.2) | newsfeeds (1.5.0) | acymailing (1.2.2) | acymailing tag : manage su (1.2.2) | user - acymailing (1.2.2) | acymailing tag : subscriber in (1.2.2) | acymailing tag : joomla user (1.2.2) | acymailing onpreparecontent tr (1.2.2) | acymailing tag : content inser (1.2.2) | acymailing tag : online links (1.2.2) | acymailing : statistics plugin (1.2.2) | acymailing tag : date / time (1.2.2) | acymailing template class repl (1.2.2) | acymailing module (1.2.2) | installation manager (1.5.0) | cache manager (1.5.0) | trash (1.0.0) | plugin manager (1.5.0) |

modules :: site :: sections (1.5.0) | breadcrumbs (1.5.0) | simple image holder (1.5.11) | r3d floater (1.5.0) | statistics (1.5.0) | who\'s online (1.0.0) | read content (1.5.0) | virtuemart latest products (1.1.0) | k2 users (2.3) | latest news (1.5.0) | login (1.5.0) | custom html (1.5.0) | feed display (1.5.0) | meetup (1.1.0a) | k2 comments (2.3) | virtuemart manufacturers (1.1.0) | virtuemart featured products (1.1.0) | simple mp3 player (1.5.3) | acymailing module (1.2.2) | simple mp3 bar (1.2) | virtuemart product categories (1.1.0) | k2 content (2.3) | banner (1.5.0) | k2 login (2.3) | newsflash (1.5.0) | ninja rss syndicator (1.0.7) | virtuemart module (1.1.4) | poll (1.5.0) | virtuemart shopping cart (1.1.0) | virtuemart all-in-one (1.1.0) | virtuemart top ten products (1.1.0) | menu (1.5.0) | footer (1.5.0) | virtuemart search (1.1.0) | virtuemart product scroller (1.1.0) | random image (1.5.0) | flash module (3.0.2) | k2 tools (2.3) | syndicate (1.5.0) | virtuemart currency selector (1.1.6) | virtuemart login (1.1.4) | vmj modern cart (1.3) | virtuemart random products (1.1.0) | archived content (1.5.0) | search (1.0.0) | custom html advanced (jtricks. (1.0) | roktabs (1.12) | wrapper (1.0.0) | related items (1.0.0) |
modules :: admin :: user status (1.5.0) | items stats (1.0.0) | online users (1.0.0) | login form (1.0.0) | title (1.0.0) | custom html (1.5.0) | feed display (1.5.0) | quick icons (1.0.0) | latest news (1.0.0) | unread items (1.0.0) | logged in users (1.0.0) | admin submenu (1.0.0) | admin menu (1.0.0) | footer (1.0.0) | popular items (1.0.0) | toolbar (1.0.0) |

plugins :: site :: search - newsfeeds (1.5) | search - categories (1.5) | search - weblinks (1.5) | virtuemart extended search plu (1.5) | search - content (1.5) | search - contacts (1.5) | search - sections (1.5) | content - email cloaking (1.5) | content - sigplus image galler (1.2) | content - [youtube] video embedd (1.1) | readmore link (1.0) | content - page navigation (1.5) | content - example (1.0) | content - qtube (1.0.1) | content - phatfusion slideshow (1.0) | content - vote (1.5) | allvideos (by joomlaworks) (3.3) | content - pagebreak (1.5) | content - load modules (1.5) | virtuemart product snapshot (1.1.0) | content - code highlighter (ge (1.5) | system - debug (1.5) | tabs (1.0) | system - jce mediabox 1.0.1 (1.0.1) | system - registration validato (1.3.0) | system - log (1.5) | system - legacy (1.5) | system - cache (1.5) | system - mootools upgrade (1.5) | system - sef (1.5) | system - remember me (1.5) | system - backlinks (1.5) | authentication - ldap (1.5) | authentication - joomla (1.5) | authentication - example (1.5) | authentication - openid (1.5) | authentication - gmail (1.5) | xml-rpc - joomla api (1.0) | xml-rpc - blogger api (1.0) | user - acymailing (1.2.2) | user - joomla! (1.5) | user - example (1.0) | button - readmore (1.5) | button - image (1.0.0) | button - pagebreak (1.5) | editor - jce 154 (154) | object support (1.5.1) | advanced code editor (1.5.3) | paste (1.5.0) | spellchecker (2.0.0) | image manager (1.5.2) | paste (1.5.3) | file browser (1.5.0 stable) | advanced link (1.5.1) | joomla! links advanced lin (1.2.1) | editor - xstandard lite jo (1.0) | editor - tinymce 3 (3.2.6) | acymailing tag : date / time (1.2.2) | acymailing tag : joomla user (1.2.2) | acymailing onpreparecontent tr (1.2.2) | acymailing tag : manage su (1.2.2) | acymailing template class repl (1.2.2) | acymailing : statistics plugin (1.2.2) | acymailing tag : subscriber in (1.2.2) | acymailing tag : content inser (1.2.2) | acymailing tag : online links (1.2.2) |
templates discovered :: wrote:templates :: site :: rhuk_milkyway (1.0.2) | beez (1.0.0) | dj-real-estate (1.5) | ja_purity (1.2.0) |
templates :: admin :: khepri (1.0) |


really confused 1 - , appreciated.

darindw wrote:... looking through posts , web, nothing have found seems relevant fixing it......
then did not see before post please read this

from fpa 'register globals: 1'
"...this variable set on , setting known leave site vulnerable hacking."
http://docs.joomla.org/register_globals


the fpa says have 'virtuemart (1.1.7)' vel http://docs.joomla.org/vulnerable_extensions_list says "current version 2.0.6"


where did download custom template ?





Comments

Post a Comment

Popular posts from this blog

How to change text Component easybook reloaded *newbee* - Joomla! Forum - community, help and support

-
Image
hi all, i started building websites joomla not long ago, can use help.. for got problem guestbook. i have installed easybook. , running on following website http://odoorn321.nl/ (under gastenboek) i want change text: waardering website (is dutch valuate website) waardering. idea rid of word website, because have valuate vacation home, not website. i have made screenshot of text want change. where , how going find css file change text? your appreciated! thanks no one? Board index Joomla! Older Version Support Joomla! 2.5 General Questions/New to Joomla! 2.5
Read more

After Effect warning: A problem occurred when processing OpenGL commands

-
i have after effects cs6 in computer cs5.5 installed. 64bit windows 7 ultimate 20gb memory , 2 amd radeon hd 6900 series display adapters drivers updated hour ago (driver date 27.7.2012, version 8.982.0.0).   when trying use after ecffects, error message " after effect warning: problem occurred when processing opengl commands " when clicking composition window.   what done? not much, i'm afraid. need older graphics driver. other disable second card or play configuration. unfortunately not smart person decided cs6 no longer need manual opengl control user, there's no way suppress within program force-revert software-only modes in case of such issues...   mylenium More discussions in After Effects adobe
Read more

Preconditions Failed. - Joomla! Forum - community, help and support

-
hello! i'm having problem; every time click save&close button, or save button, or close button module; following message appears: "precondition failed the precondition on request url /administrator/index.php evaluated false. additionally, 404 not found error encountered while trying use errordocument handle request." it happens modules. thanks in advance. problem description :: forum post assistant (v1.2.3) : 13th november 2012 wrote: can\'t save changes or close module. log/error message :: forum post assistant (v1.2.3) : 13th november 2012 wrote: precondition failed precondition on request url /administrator/index.php evaluated false. additionally, 404 not found error encountered while trying use errordocument handle request. last php error(s) reported :: forum post assistant (v1.2.3) : 13th november 2012 wrote: [04-mar-2012 01:25:56] php fatal error: call member function get() on non-object in /home/joommmy1/addon/youngstaer/sub/teenace/public_html/templates/...
Read more