Update on sejeal.jpg and upload php hack

[colinvv]

Any more info as to how/who infected your site with the sejeal.jpg and upload php code? I have seen the same thing on my site and have set all user permissions as instructed by the Joomla team, but I think they just kept posting the file into the 'tmp' folder! I am logging/reviewing activities via 'auditd'.

 

Reference post:

http://lime-technology.com/forum/index.php?topic=25250.msg221894#msg221894

 

Thanks.

Colin

 

 

[Haruno]

you can try going through the access logs of your hosting, look for entries that contain "POST". Usually they will list an IP address as well, you can use that IP to try and locate the hacker, results will vary

 

Best way to prevent and solve hacks like this is to update your Joomla and all plugins/templates to the latest version. These updates will effectively close security holes in the installation.

 

Also, change every password from database, to Joomla backend to FTP password of your hosting. Also do a full virus/malware scan of your system and all systems you use to connect to the hosting

[RobJ]

Completely off-topic here, but I have to chuckle every time I see your sig!  I've certainly seen more than my share of the general.  You do realize though how that dates you? 

[Haruno]

I don't, I'm only 27 and picked that line up years ago from a friend and thought it very apropriate for this forum

And it also makes me laugh when I see it.

 

I can only guess where it comes from, I suppose it is from the beginning of the pc, early nineties when disk failures were more common than they are now.

[JonathanM]

I can only guess where it comes from, I suppose it is from the beginning of the pc, early nineties when disk failures were more common than they are now.

This in various flavours when dealing with MS-DOS

[RobJ]

Guess I only dated myself!  I'd say it's from the mid-eighties, possibly late eighties.