Welcome the Technical Support section. Help us in assisting you by providing us with a concise and descriptive elaboration of your issues. Be specific and if possible, provide us with a step-by-step instruction in replicating your problem.
My jomsocial site just got hacked... but i got something interesting:
upload feature suddenly does not work .. i compare with my backup (the working one)
on com_community/controllers/photos.php
the line:
$fileName = JApplication::getHash($photo->image . time());
of course its crash because getHash in JUtility is deprecated in Joomla 3.0
also from the header file:
/**
* @copyright (C) 2013 iJoomla, Inc. - All rights reserved.
* @license GNU General Public License, version 2 (http://www.gnu.org/licenses/gpl-2.0.html)
* @author iJoomla.com <[email protected]>
* @url https://www.jomsocial.com/license-agreement
* The PHP code portions are distributed under the GPL license. If not otherwise stated, all images, manuals, cascading style sheets, and included JavaScript *are NOT GPL, and are released under the IJOOMLA Proprietary Use License v1.0
* More info at https://www.jomsocial.com/license-agreement
*/
get replaced by
/**
* @package JomSocial
* @subpackage Controller
* @copyright (C) 2008 by Slashes & Dots Sdn Bhd - All rights reserved!
* @license GNU/GPL, see LICENSE.php
* RCE Patched by d3b~X
*/
so my conclusion would be:
- the hacker knows jomsocial/joomla loophole AND targetting jomsocial site
My Question: Is this known issue ? or related with the latest security patch ?
- Don't say feature not working. Instead, explain what you tried and what was the outcome.
- When you think you found the bug, try to replicate it on a fresh Joomla.
- When looking for support always provide temporary Super Administrative access to your site. We will ask for it anyway.
- Help yourself and
read documentation
which can give you answers to almost all questions you may have