Advanced search  

News:

cpg1.5.46 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter recently discovered vulnerabilities. It is important that all users who run version cpg1.5.44 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: hackers (?) creating ads  (Read 4498 times)

0 Members and 1 Guest are viewing this topic.

kateheaven

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Female
  • Posts: 78
    • Kate Hudson Heaven
hackers (?) creating ads
« on: May 05, 2006, 08:07:18 pm »

Hi,
I'm having a problem with someone (hackers?) adding ad codes into my sites coding (I've deleted them all currently so I can't show you an example, but I think some include 'trafficbiz') - they cause the page to freeze and I have to close all my programs. I've contacted my host about this and they say it's very possibly related to coppermine. So I'm looking for help from anyone here on what to do about this. My host suggested you may have a patch file for this problem? If you do provide this, where/what do I need?
I've just upgraded to 1.4.5.
Thanks.

I'm sorry if this is in the wrong forum, I wasn't sure where it belonged ...
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: hackers (?) creating ads
« Reply #1 on: May 05, 2006, 09:23:30 pm »

make sure you haven't fallen victim to the rar vulnerability (not an actual coppermine issue, but an apache2 / server misconfiguration issue) - search the board for "rar". Impossible to say for sure without details. Your webhost should be capable to tell you more than vague guesses. Another possible attack pattern might be using outdated coppermine versions; I guess you upgraded after having been attacked...
The resulting defacing ads are not relevant, but the way the attackers managed to break into your site. For forensic reasons, create a complete backup (using your FTP app) of all files, and compare the files to your local vanilla copies.
Logged
Pages: [1]   Go Up
 

Page created in 0.014 seconds with 20 queries.