I just wanted to let you know that my web-site was hacked recently and I received this email from the support team that host my church web-site:


****************
We received a call from someone who was tracing a hacking program. They let us know that the BibleStudy component of your Joomla installation was allowing hackers to compromise your site. Evidently this is happening to many church sites who use this component, not only on our hosting service, but others, as well.

Please take note.

Thank you,
John
Level 1 Tech Support Engineer
Hostmonster.com
866.573.4678
****************

If this is fixed in a later version, please let me know, I am running version 6.1.

I would also like to say that I (and everyone in the church who uses it) it delighted with the functionality available from Bible Study.
Many Thanks
Jenny Smith

What exact version are you using? You should upgrade to 6.1.5 as it closed a loophole that had existed in many other Joomla components.

Did they tell you the nature of the hack?

Glad you find the component useful.

Blessings,

Tom

Hi Tom,
I was using 6.1 (that's the only version number I could find). I have now installed the secrity patch and then 6.1.5.

The hackers did seem to get back in after I installed the newer components but I don't know if that was because the got the information they needed before I upgraded. I pulled the below text from an error log file in the root directory of the site.

You probably have all this under control in but thought you may be interested just in case.

God Bless You
Jenny
www.liberty-church.co.uk


[12-May-2010 21:00:10] PHP Warning: require_once(/home6/liberub3/public_html/components/com_biblestudy/controllers/tmpshell.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in /home6/liberub3/public_html/components/com_biblestudy/biblestudy.php on line 15
[12-May-2010 21:00:10] PHP Fatal error: require_once() [<a href='function.require'>function.require</a>]: Failed opening required '/home6/liberub3/public_html/components/com_biblestudy/controllers/tmpshell.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home6/liberub3/public_html/components/com_biblestudy/biblestudy.php on line 15
[12-May-2010 21:00:19] PHP Warning: require_once(/home6/liberub3/public_html/components/com_biblestudy/controllers/tmpshell.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in /home6/liberub3/public_html/components/com_biblestudy/biblestudy.php on line 15
[12-May-2010 21:00:19] PHP Fatal error: require_once() [<a href='function.require'>function.require</a>]: Failed opening required '/home6/liberub3/public_html/components/com_biblestudy/controllers/tmpshell.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home6/liberub3/public_html/components/com_biblestudy/biblestudy.php on line 15
[12-May-2010 21:00:46] PHP Warning: require_once(/home6/liberub3/public_html/components/com_biblestudy/controllers/procselfenviron.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in /home6/liberub3/public_html/components/com_biblestudy/biblestudy.php on line 15
[12-May-2010 21:00:46] PHP Fatal error: require_once() [<a href='function.require'>function.require</a>]: Failed opening required '/home6/liberub3/public_html/components/com_biblestudy/controllers/procselfenviron.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home6/liberub3/public_html/components/com_biblestudy/biblestudy.php on line 15
[12-May-2010 21:01:35] PHP Warning: require_once(/home6/liberub3/public_html/components/com_biblestudy/controllers/procselfenviron.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in /home6/liberub3/public_html/components/com_biblestudy/biblestudy.php on line 15
[12-May-2010 21:01:35] PHP Fatal error: require_once() [<a href='function.require'>function.require</a>]: Failed opening required '/home6/liberub3/public_html/components/com_biblestudy/controllers/procselfenviron.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home6/liberub3/public_html/components/com_biblestudy/biblestudy.php on line 15

Hi Jenny,

This looks like leftover hack attempts to exploit the vulnerability I referenced. It attempts to get into the main controller. We patched that, and so that may be why there were error messages - the hole has been closed.

Hopefully you will have no more problems!

Tom