H4ck3d By Cyber-r00t

Home

H4ck3d By Cyber-r00t

H4ck3d By Cyber-r00t

Wednesday, 13 August 2008 16:47

E-mail

Print

PDF

My site got hacked earlier today, courtesy of the big gaping security hole that turned up in Joomla! 1.5 a few days ago. Normally I'm quick to apply such security updates, but I had a few other updates in mind too so I was putting it off for a few days. Getting hacked is a new experience for me, so that'll teach me to be so casual in future! It will also teach me to make backups more often, but fortunately the data hadn't actually been deleted. I found all the articles were still in the database only with the state field changed to -2, so if anybody else falls victim to this same attack (it seems to be scripted so there are probably quite a few), you can fix your database as follows:

UPDATE `jos_content` SET state = 0

...which should restore all the articles to the list having "unpublished" status, so you can then re-publish from the administration interface as required.

The attack to which I'm referring leaves a single published article having the same title as this and displaying the following unpleasant image:

Last Updated on Sunday, 27 September 2009 21:25

OpenID

</div>
  <fieldset style="border: none; background: none; padding: 0px; margin: 0px;">
  <input type="hidden" id="option" name="option" value="com_rdf"/>
  <input type="hidden" id="task" name="task" value="postRDF"/>
  <input type="hidden" id="view" name="view" value="semanix"/>
  <input type="hidden" id="layout" name="layout" value="session"/>
  <input type="hidden" id="return" name="return" value="http://www.willdaniels.co.uk/blog/tech-stuff/16-h4ck3d-by-cyber-r00t#comment4c81bd146c168"/>
  <input type="hidden" id="rdf_graph_is" name="rdf_graph[is]" value="urn:/localstore/joomla/sioc"/>
  <input type="hidden" id="rdf_parent_is" name="rdf_parent[is]" value="http://willdaniels.co.uk/component/content/article/16-h4ck3d-by-cyber-r00t"/>
  <input type="hidden" id="rdf_base_is" name="rdf_base[is]" value="http://willdaniels.co.uk/component/content/article/16-h4ck3d-by-cyber-r00t#"/>
  <input type="hidden" id="rdf_this_is" name="rdf_this[is]" value=":comment4c81bd146c168"/>
  <input type="hidden" id="rdf_this_rdf:type" name="rdf_this[rdf:type]" value="sioc:Post, sioctype:Comment"/>
  <input type="hidden" id="rdf_this_dc:date" name="rdf_this[dc:date]" value="?date"/>
  <input type="hidden" id="rdf_this_dc:title" name="rdf_this[dc:title]" value="comment-title"/>
  <input type="hidden" id="rdf_this_sioc:ip_address" name="rdf_this[sioc:ip_address]" value="?ip"/>
  <input type="hidden" id="rdf_this_sioc:reply_of" name="rdf_this[sioc:reply_of]" value="parent"/>
  <input type="hidden" id="rdf_this_sioc:content" name="rdf_this[sioc:content]" value="comment"/>
  <input type="hidden" id="rdf_this_sioc:has_creator" name="rdf_this[sioc:has_creator]" value="?user"/>
  <input type="hidden" id="rdf_-user_sioc:creator_of" name="rdf_?user[sioc:creator_of]" value="this"/>
  <input type="hidden" id="rdf_parent_sioc:has_reply" name="rdf_parent[sioc:has_reply]" value="this"/>
  <input type="hidden" name="19b3ec2e107b8f7794ef2dc2e94d7d3d" value="1"/>
  </fieldset>
<fieldset style="border:none; background:none; padding:0; margin:0;"/></form>

</div>
		</div>

<div id="ja-col1">
					<div class="moduletable_menu">
					<h3>Main Menu</h3>
					<ul class="menu"><li><a href="http://www.willdaniels.co.uk/"><span>Home</span></a></li><li class="parent"><a href="/blog"><span>Blog</span></a><ul><li><a href="/blog/tech-stuff"><span>Tech Stuff</span></a></li><li><a href="/blog/greek"><span>Greek</span></a></li></ul></li><li><a href="/projects"><span>Projects</span></a></li><li class="parent"><a href="/articles"><span>Articles</span></a><ul><li><a href="/articles/howto-guides"><span>HowTo Guides</span></a></li></ul></li><li class="parent"><a href="/reference"><span>Reference</span></a><ul><li><a href="/reference/rdf-vocabulary"><span>RDF Vocabulary</span></a></li></ul></li><li class="parent"><a href="/about"><span>About</span></a><ul><li><a href="/about/biography"><span>Biography</span></a></li><li><a href="/about/profiles"><span>Profiles</span></a></li></ul></li><li><a href="/contact"><span>Contact</span></a></li></ul>		</div>
			<div class="moduletable">
					<h3>identi.ca</h3>
					<p style="padding-top: 0px; margin-top: 0px;">Social networking at <a href="http://identi.ca/wdaniels">identi.ca</a> - an open source improvement on twitter!</p>
<script type="text/javascript" src="/includes/js/identica-badge-xhtml.js">
{
  "user":"wdaniels",
  "server":"identi.ca",
  "headerText":" and friends",
  "width":"100%",
  "headerBackground":"#333333",
  "background":"#ececec"
}
</script>		</div>
	
		</div><br/>
		
		
		</div>

<div id="ja-col2">
					<div class="jamod module" id="Mod21">
			<div>
				<div>
					<div>
																		<h3 class="show"><span>Related Items</span></h3>
												<div class="jamod-content"/>
					</div>
				</div>
			</div>
		</div>
			<div class="jamod module" id="Mod25">
			<div>
				<div>
					<div>
																		<h3 class="show"><span>Sponsorship</span></h3>
												<div class="jamod-content">Visitors are kindly requested to give the advertisements at least a cursory glance.</div>
					</div>
				</div>
			</div>
		</div>
			<div class="jamod module" id="Mod22">
			<div>
				<div>
					<div>
																		<h3 class="show"><span>Google Ads</span></h3>
												<div class="jamod-content"><div style="text-align: center;"><object width="160" height="600" data="/includes/adsense-vert-w.php" type="text/html"/></div></div>
					</div>
				</div>
			</div>
		</div>
	
		</div><br/>
		
		
	</div>
	</div>
</div>
</div>

<div id="ja-botslwrap">
	<div id="ja-botsl" class="clearfix">

<div class="ja-box-full" style="width: 99%;">
					<div class="moduletable">
					
<a id="w3counter" href="http://www.w3counter.com"/>
<script type="text/javascript" src="/includes/js/w3counter.js"/>
<script type="text/javascript">w3counter(26187);</script>
		</div>
	
	  </div>
	  
	  
	  
	  
	</div>
</div>

<div id="ja-footerwrap">
<div id="ja-footer" class="clearfix">

<div id="ja-footnav">
		
	</div>

<div class="copyright">
		
	</div>

<div class="ja-cert">

<a href="http://jigsaw.w3.org/css-validator/check/referer">
        <img style="border:0;width:88px;height:31px" src="http://jigsaw.w3.org/css-validator/images/vcss-blue" alt="Valid CSS!"/>
    </a>

<span xmlns:dct="http://purl.org/dc/terms/" about="" resource="http://www.w3.org/TR/rdfa-syntax" rel="dct:conformsTo">
    <a href="http://validator.w3.org/check?uri=referer"><img src="http://www.w3.org/Icons/valid-xhtml-rdfa-blue" alt="Valid XHTML + RDFa"/></a>
  </span>

</div>

<br/>
</div>
</div>

</div>

</body>

</html>