I have an old joomla installation which was hacked. All I know for now only index.php was changed and they messed with my user accounts. I downloaded index.php from the current version but at one point it calls $app->dispatch(); which requires a component name parameter in my version. Does anyone know what parameter this should be? I tried: null, ‘home’, ‘application’,…
Also I’m planning on updating to the newest version later, however I can’t seem to find my current version number. I found somewhere that it is displayed in the admin pages but I can’t access them yet. Can I find it in the code files somewhere?
EDIT: The index.php from version 1.5.22 worked. Apparently the correct version was 1.5.3. Does anyone know what else I should check that might have been hacked/messed with?
Why not get a copy of the version you used?
http://forum.joomla.org/viewtopic.php?p=2221953
Although I’d recommend upgrading completely, to stop being re-hacked again.
====== Answer to second question
How big is the site? Usually if it’s just a link spamming attack a quick once over will suffice.
The next issue is that you need to patch the hole that caused the problem, in this case upgrading to the latest Joomla (1.6 – I believe) is the first port of call.
Have you modifed the Joomla system in such a way that the hack could have been opened up by you?
My advice, reset the admin passwords and upgrade Joomla.
Very difficult to say anything else without seeing what the “hack” was.