Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: My Photo Gallery has been hacked  (Read 4125 times)

0 Members and 1 Guest are viewing this topic.

banthes

  • Coppermine newbie
  • Offline Offline
  • Posts: 4
My Photo Gallery has been hacked
« on: July 15, 2007, 05:58:33 am »
I recieved this message from my server provider (doteasy):

Quote
It has come to our attention that one of your PHP script (http://www.countryluau.com/Photos/albums/userpics/10014/shellx.php) was hacked and hacker had already sent alot of phishing mails from your website. All affected folders and files are disabled. Please consider to upgrade or change your script as soon as possible.

I am using version 1.4.1.0 (wasnt aware of the new release) and I no longer have acces to the gallery (permission denied). I cant even delete it. Any ideas?
Logged

Sami

  • VIP
  • Coppermine addict
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 3686
  • BMossavari
    • My Project
Re: My Photo Gallery has been hacked
« Reply #1 on: July 15, 2007, 08:55:43 am »
- Either try to chmod/chown those folders or Contact your host and ask them to unlock (set proper permission) those folders for you to upgrade
- Also you should delete all php files except index.php (i.e shellx.php) under albums folder and all folders within albums
Logged
‍I don't answer to PM with support question
Please post your issue to related board

scrambled egg

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 43
Re: My Photo Gallery has been hacked
« Reply #2 on: July 15, 2007, 10:04:48 am »
Quote
Also you should delete all php files except index.php (i.e shellx.php) under albums folder and all folders within albums

Is this true for all versions of CPG, including v1.4.12 - I mean deleting all .php files except index.php ??
Logged

Sami

  • VIP
  • Coppermine addict
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 3686
  • BMossavari
    • My Project
Re: My Photo Gallery has been hacked
« Reply #3 on: July 15, 2007, 10:22:52 am »
You shouldn't have any php file under albums folder expect index.php , yes it's apply to 1.4.12 version too
Keep in mind this apply to those php files within albums folder and albums's child folders
Do not delete any other php file
Logged
‍I don't answer to PM with support question
Please post your issue to related board

banthes

  • Coppermine newbie
  • Offline Offline
  • Posts: 4
Re: My Photo Gallery has been hacked
« Reply #4 on: July 15, 2007, 02:37:49 pm »
CHMOD didnt work. I restored a backup of my web site from two weeks ago and still couldnt access the file. I tried to contact doteasy, but I havent heard back from them. Weekend I guess. I can access the file through my SQL admin program and wonder if there is anything in there I can do. I couldnt find the offending file (shellx.php) but that's probably because I restored the site. Is there any way to copy the photo folder to another renamed file and reinstall? I would just reinstall in a different folder, but I've got over 400 photos in there.
Logged

Sami

  • VIP
  • Coppermine addict
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 3686
  • BMossavari
    • My Project
Re: My Photo Gallery has been hacked
« Reply #5 on: July 16, 2007, 05:22:25 am »
Do not install new gallery , do not touch your mysql db just restore your backup to a new folder and see if it's working and then if it works upgrade it to the most recent version (currently cpg1.4.12)
« Last Edit: July 16, 2007, 06:39:04 am by GauGau »
Logged
‍I don't answer to PM with support question
Please post your issue to related board
Pages: [1]   Go Up
« previous next »
 

Page created in 0.015 seconds with 16 queries.